Package software.amazon.awscdk.services.bedrockagentcore
Amazon Bedrock AgentCore Construct Library
| Language | Package |
| :--------------------------------------------------------------------------------------------- | --------------------------------------- |
| 
TypeScript | aws-cdk-lib/aws-bedrockagentcore |
Amazon Bedrock AgentCore enables you to deploy and operate highly capable AI agents securely, at scale. It offers infrastructure purpose-built for dynamic agent workloads, powerful tools to enhance agents, and essential controls for real-world deployment. AgentCore services can be used together or independently and work with any framework including CrewAI, LangGraph, LlamaIndex, and Strands Agents, as well as any foundation model in or outside of Amazon Bedrock, giving you ultimate flexibility. AgentCore eliminates the undifferentiated heavy lifting of building specialized agent infrastructure, so you can accelerate agents to production.
This construct library facilitates the deployment of Bedrock AgentCore primitives, enabling you to create sophisticated AI applications that can interact with your systems and data sources.
Note: Users need to ensure their CDK deployment role has the
iam:CreateServiceLinkedRolepermission for AgentCore service-linked roles.
Table of contents
- Amazon Bedrock AgentCore Construct Library
- Table of contents
- AgentCore Runtime
- Runtime Endpoints
- AgentCore Runtime Properties
- Runtime Endpoint Properties
- Creating a Runtime
- Granting Permissions to Invoke Bedrock Models or Inference Profiles
- Runtime Versioning
- Creating Standalone Runtime Endpoints
- Runtime Authentication Configuration
- Runtime Network Configuration
- Runtime IAM Permissions
- Other configuration
- Browser
- Code Interpreter
- Gateway
- Gateway Target
- Memory
- Online Evaluation
AgentCore Runtime
The AgentCore Runtime construct enables you to deploy containerized agents on Amazon Bedrock AgentCore. This L2 construct simplifies runtime creation just pass your ECR repository name and the construct handles all the configuration with sensible defaults.
Runtime Endpoints
Endpoints provide a stable way to invoke specific versions of your agent runtime, enabling controlled deployments across different environments. When you create an agent runtime, Amazon Bedrock AgentCore automatically creates a "DEFAULT" endpoint which always points to the latest version of runtime.
You can create additional endpoints in two ways:
- Using Runtime.addEndpoint() - Convenient method when creating endpoints alongside the runtime.
- Using RuntimeEndpoint - Flexible approach for existing runtimes.
For example, you might keep a "production" endpoint on a stable version while testing newer versions through a "staging" endpoint. This separation allows you to test changes thoroughly before promoting them to production by simply updating the endpoint to point to the newer version.
AgentCore Runtime Properties
| Name | Type | Required | Description |
|------|------|----------|-------------|
| runtimeName | string | No | The name of the agent runtime. Valid characters are a-z, A-Z, 0-9, _ (underscore). Must start with a letter and can be up to 48 characters long. If not provided, a unique name will be auto-generated |
| agentRuntimeArtifact | AgentRuntimeArtifact | Yes | The artifact configuration for the agent runtime containing the container configuration with ECR URI |
| executionRole | iam.IRole | No | The IAM role that provides permissions for the agent runtime. If not provided, a role will be created automatically |
| networkConfiguration | NetworkConfiguration | No | Network configuration for the agent runtime. Defaults to RuntimeNetworkConfiguration.usingPublicNetwork() |
| description | string | No | Optional description for the agent runtime |
| protocolConfiguration | ProtocolType | No | Protocol configuration for the agent runtime. Defaults to ProtocolType.HTTP |
| authorizerConfiguration | RuntimeAuthorizerConfiguration | No | Authorizer configuration for the agent runtime. Use RuntimeAuthorizerConfiguration static methods to create configurations for IAM, Cognito, JWT, or OAuth authentication |
| environmentVariables | { [key: string]: string } | No | Environment variables for the agent runtime. Maximum 50 environment variables |
| tags | { [key: string]: string } | No | Tags for the agent runtime. A list of key:value pairs of tags to apply to this Runtime resource |
| lifecycleConfiguration | LifecycleConfiguration | No | The life cycle configuration for the AgentCore Runtime. Defaults to 900 seconds (15 minutes) for idle, 28800 seconds (8 hours) for max life time |
| requestHeaderConfiguration | RequestHeaderConfiguration | No | Configuration for HTTP request headers that will be passed through to the runtime. Defaults to no configuration |
Runtime Endpoint Properties
| Name | Type | Required | Description |
|------|------|----------|-------------|
| endpointName | string | No | The name of the runtime endpoint. Valid characters are a-z, A-Z, 0-9, _ (underscore). Must start with a letter and can be up to 48 characters long. If not provided, a unique name will be auto-generated |
| agentRuntimeId | string | Yes | The Agent Runtime ID for this endpoint |
| agentRuntimeVersion | string | Yes | The Agent Runtime version for this endpoint. Must be between 1 and 5 characters long.|
| description | string | No | Optional description for the runtime endpoint |
| tags | { [key: string]: string } | No | Tags for the runtime endpoint |
Creating a Runtime
Option 1: Use an existing image in ECR
Reference an image available within ECR.
Repository repository = Repository.Builder.create(this, "TestRepository")
.repositoryName("test-agent-runtime")
.build();
// The runtime by default create ECR permission only for the repository available in the account the stack is being deployed
AgentRuntimeArtifact agentRuntimeArtifact = AgentRuntimeArtifact.fromEcrRepository(repository, "v1.0.0");
// Create runtime using the built image
Runtime runtime = Runtime.Builder.create(this, "MyAgentRuntime")
.runtimeName("myAgent")
.agentRuntimeArtifact(agentRuntimeArtifact)
.build();
Option 2: Use a local asset
Reference a local directory containing a Dockerfile. Images are built from a local Docker context directory (with a Dockerfile), uploaded to Amazon Elastic Container Registry (ECR) by the CDK toolkit,and can be naturally referenced in your CDK app.
AgentRuntimeArtifact agentRuntimeArtifact = AgentRuntimeArtifact.fromAsset(path.join(__dirname, "path to agent dockerfile directory"));
Runtime runtime = Runtime.Builder.create(this, "MyAgentRuntime")
.runtimeName("myAgent")
.agentRuntimeArtifact(agentRuntimeArtifact)
.build();
Option 3: Use direct code deployment
With the container deployment method, developers create a Dockerfile, build ARM-compatible containers, manage ECR repositories, and upload containers for code changes. This works well where container DevOps pipelines have already been established to automate deployments.
However, customers looking for fully managed deployments can benefit from direct code deployment, which can significantly improve developer time and productivity. Direct code deployment provides a secure and scalable path forward for rapid prototyping agent capabilities to deploying production workloads at scale.
With direct code deployment, developers create a zip archive of code and dependencies, upload to Amazon S3, and configure the bucket in the agent configuration. A ZIP archive containing Linux arm64 dependencies needs to be uploaded to S3 as a pre-requisite to Create Agent Runtime.
For more information, please refer to the documentation.
// S3 bucket containing the agent core
Bucket codeBucket = Bucket.Builder.create(this, "AgentCode")
.bucketName("my-code-bucket")
.removalPolicy(RemovalPolicy.DESTROY)
.build();
// the bucket above needs to contain the agent code
AgentRuntimeArtifact agentRuntimeArtifact = AgentRuntimeArtifact.fromS3(Location.builder()
.bucketName(codeBucket.getBucketName())
.objectKey("deployment_package.zip")
.build(), AgentCoreRuntime.PYTHON_3_12, List.of("opentelemetry-instrument", "main.py"));
Runtime runtimeInstance = Runtime.Builder.create(this, "MyAgentRuntime")
.runtimeName("myAgent")
.agentRuntimeArtifact(agentRuntimeArtifact)
.build();
Alternatively, you can use local code assets that will be automatically packaged and uploaded to a CDK-managed S3 bucket:
AgentRuntimeArtifact agentRuntimeArtifact = AgentRuntimeArtifact.fromCodeAsset(CodeAssetOptions.builder()
.path(path.join(__dirname, "path/to/agent/code"))
.runtime(AgentCoreRuntime.PYTHON_3_12)
.entrypoint(List.of("opentelemetry-instrument", "main.py"))
.build());
Runtime runtimeInstance = Runtime.Builder.create(this, "MyAgentRuntime")
.runtimeName("myAgent")
.agentRuntimeArtifact(agentRuntimeArtifact)
.build();
Option 4: Use an ECR container image URI
Reference an ECR container image directly by its URI. This is useful when you have a pre-existing ECR image URI from CloudFormation parameters or cross-stack references. No IAM permissions are automatically granted - you must ensure the runtime has ECR pull permissions.
// Direct URI reference
AgentRuntimeArtifact agentRuntimeArtifact = AgentRuntimeArtifact.fromImageUri("123456789012.dkr.ecr.us-east-1.amazonaws.com/my-agent:v1.0.0");
Runtime runtime = Runtime.Builder.create(this, "MyAgentRuntime")
.runtimeName("myAgent")
.agentRuntimeArtifact(agentRuntimeArtifact)
.build();
You can also use CloudFormation parameters or references:
// Using a CloudFormation parameter
CfnParameter imageUriParam = CfnParameter.Builder.create(this, "ImageUri")
.type("String")
.description("Container image URI for the agent runtime")
.build();
AgentRuntimeArtifact agentRuntimeArtifact = AgentRuntimeArtifact.fromImageUri(imageUriParam.getValueAsString());
Runtime runtime = Runtime.Builder.create(this, "MyAgentRuntime")
.runtimeName("myAgent")
.agentRuntimeArtifact(agentRuntimeArtifact)
.build();
Granting Permissions to Invoke Bedrock Models or Inference Profiles
To grant the runtime permissions to invoke Bedrock models or inference profiles:
// Note: This example uses aws-cdk-lib/aws-bedrock for foundation model references
Runtime runtime;
// Define the Bedrock Foundation Model
FoundationModel model = FoundationModel.fromFoundationModelId(this, "Model", FoundationModelIdentifier.ANTHROPIC_CLAUDE_3_7_SONNET_20250219_V1_0);
// Grant the runtime permissions to invoke the model
runtime.role.addToPrincipalPolicy(PolicyStatement.Builder.create()
.actions(List.of("bedrock:InvokeModel"))
.resources(List.of(model.getModelArn()))
.build());
Runtime Versioning
Amazon Bedrock AgentCore automatically manages runtime versioning to ensure safe deployments and rollback capabilities. When you create an agent runtime, AgentCore automatically creates version 1 (V1). Each subsequent update to the runtime configuration (such as updating the container image, modifying network settings, or changing protocol configurations) creates a new immutable version. These versions contain complete, self-contained configurations that can be referenced by endpoints, allowing you to maintain different versions for different environments or gradually roll out updates.
Managing Endpoints and Versions
Amazon Bedrock AgentCore automatically manages runtime versioning to provide safe deployments and rollback capabilities. You can follow the steps below to understand how to use versioning with runtime for controlled deployments across different environments.
Step 1: Initial Deployment
When you first create an agent runtime, AgentCore automatically creates Version 1 of your runtime. At this point, a DEFAULT endpoint is automatically created that points to Version 1. This DEFAULT endpoint serves as the main access point for your runtime.
Repository repository = Repository.Builder.create(this, "TestRepository")
.repositoryName("test-agent-runtime")
.build();
Runtime runtime = Runtime.Builder.create(this, "MyAgentRuntime")
.runtimeName("myAgent")
.agentRuntimeArtifact(AgentRuntimeArtifact.fromEcrRepository(repository, "v1.0.0"))
.build();
Step 2: Creating Custom Endpoints
After the initial deployment, you can create additional endpoints for different environments. For example, you might create a "production" endpoint that explicitly points to Version 1. This allows you to maintain stable access points for specific environments while keeping the flexibility to test newer versions elsewhere.
Repository repository = Repository.Builder.create(this, "TestRepository")
.repositoryName("test-agent-runtime")
.build();
Runtime runtime = Runtime.Builder.create(this, "MyAgentRuntime")
.runtimeName("myAgent")
.agentRuntimeArtifact(AgentRuntimeArtifact.fromEcrRepository(repository, "v1.0.0"))
.build();
RuntimeEndpoint prodEndpoint = runtime.addEndpoint("production", AddEndpointOptions.builder()
.version("1")
.description("Stable production endpoint - pinned to v1")
.build());
Step 3: Runtime Update Deployment
When you update the runtime configuration (such as updating the container image, modifying network settings, or changing protocol configurations), AgentCore automatically creates a new version (Version 2). Upon this update:
- Version 2 is created automatically with the new configuration
- The DEFAULT endpoint automatically updates to point to Version 2
- Any explicitly pinned endpoints (like the production endpoint) remain on their specified versions
Repository repository = Repository.Builder.create(this, "TestRepository")
.repositoryName("test-agent-runtime")
.build();
AgentRuntimeArtifact agentRuntimeArtifactNew = AgentRuntimeArtifact.fromEcrRepository(repository, "v2.0.0");
Runtime runtime = Runtime.Builder.create(this, "MyAgentRuntime")
.runtimeName("myAgent")
.agentRuntimeArtifact(agentRuntimeArtifactNew)
.build();
Step 4: Testing with Staging Endpoints
Once Version 2 exists, you can create a staging endpoint that points to the new version. This staging endpoint allows you to test the new version in a controlled environment before promoting it to production. This separation ensures that production traffic continues to use the stable version while you validate the new version.
Repository repository = Repository.Builder.create(this, "TestRepository")
.repositoryName("test-agent-runtime")
.build();
AgentRuntimeArtifact agentRuntimeArtifactNew = AgentRuntimeArtifact.fromEcrRepository(repository, "v2.0.0");
Runtime runtime = Runtime.Builder.create(this, "MyAgentRuntime")
.runtimeName("myAgent")
.agentRuntimeArtifact(agentRuntimeArtifactNew)
.build();
RuntimeEndpoint stagingEndpoint = runtime.addEndpoint("staging", AddEndpointOptions.builder()
.version("2")
.description("Staging environment for testing new version")
.build());
Step 5: Promoting to Production
After thoroughly testing the new version through the staging endpoint, you can update the production endpoint to point to Version 2. This controlled promotion process ensures that you can validate changes before they affect production traffic.
Repository repository = Repository.Builder.create(this, "TestRepository")
.repositoryName("test-agent-runtime")
.build();
AgentRuntimeArtifact agentRuntimeArtifactNew = AgentRuntimeArtifact.fromEcrRepository(repository, "v2.0.0");
Runtime runtime = Runtime.Builder.create(this, "MyAgentRuntime")
.runtimeName("myAgent")
.agentRuntimeArtifact(agentRuntimeArtifactNew)
.build();
RuntimeEndpoint prodEndpoint = runtime.addEndpoint("production", AddEndpointOptions.builder()
.version("2") // New version added here
.description("Stable production endpoint")
.build());
Creating Standalone Runtime Endpoints
RuntimeEndpoint can also be created as a standalone resource.
Example: Creating an endpoint for an existing runtime
// Reference an existing runtime by its ID
String existingRuntimeId = "abc123-runtime-id"; // The ID of an existing runtime
// Create a standalone endpoint
RuntimeEndpoint endpoint = RuntimeEndpoint.Builder.create(this, "MyEndpoint")
.endpointName("production")
.agentRuntimeId(existingRuntimeId)
.agentRuntimeVersion("1") // Specify which version to use
.description("Production endpoint for existing runtime")
.build();
Runtime Authentication Configuration
The AgentCore Runtime supports multiple authentication modes to secure access to your agent endpoints. Authentication is configured during runtime creation using the RuntimeAuthorizerConfiguration class's static factory methods.
IAM Authentication (Default)
IAM authentication is the default mode, when no authorizerConfiguration is set then the underlying service use IAM.
Cognito Authentication
To configure AWS Cognito User Pool authentication:
UserPool userPool;
UserPoolClient userPoolClient;
UserPoolClient anotherUserPoolClient;
Repository repository = Repository.Builder.create(this, "TestRepository")
.repositoryName("test-agent-runtime")
.build();
AgentRuntimeArtifact agentRuntimeArtifact = AgentRuntimeArtifact.fromEcrRepository(repository, "v1.0.0");
// Optional: Create custom claims for additional validation
RuntimeCustomClaim[] customClaims = List.of(RuntimeCustomClaim.withStringValue("department", "engineering"), RuntimeCustomClaim.withStringArrayValue("roles", List.of("admin"), CustomClaimOperator.CONTAINS), RuntimeCustomClaim.withStringArrayValue("permissions", List.of("read", "write"), CustomClaimOperator.CONTAINS_ANY));
Runtime runtime = Runtime.Builder.create(this, "MyAgentRuntime")
.runtimeName("myAgent")
.agentRuntimeArtifact(agentRuntimeArtifact)
.authorizerConfiguration(RuntimeAuthorizerConfiguration.usingCognito(userPool, List.of(userPoolClient, anotherUserPoolClient), List.of("audience1"), List.of("read", "write"), customClaims))
.build();
You can configure:
- User Pool: The Cognito User Pool that issues JWT tokens
- User Pool Clients: One or more Cognito User Pool App Clients that are allowed to access the runtime
- Allowed audiences: Used to validate that the audiences specified in the Cognito token match or are a subset of the audiences specified in the AgentCore Runtime
- Allowed scopes: Allow access only if the token contains at least one of the required scopes configured here
- Custom claims: A set of rules to match specific claims in the incoming token against predefined values for validating JWT tokens
JWT Authentication
To configure custom JWT authentication with your own OpenID Connect (OIDC) provider:
Repository repository = Repository.Builder.create(this, "TestRepository")
.repositoryName("test-agent-runtime")
.build();
AgentRuntimeArtifact agentRuntimeArtifact = AgentRuntimeArtifact.fromEcrRepository(repository, "v1.0.0");
Runtime runtime = Runtime.Builder.create(this, "MyAgentRuntime")
.runtimeName("myAgent")
.agentRuntimeArtifact(agentRuntimeArtifact)
.authorizerConfiguration(RuntimeAuthorizerConfiguration.usingJWT("https://example.com/.well-known/openid-configuration", List.of("client1", "client2"), List.of("audience1"), List.of("read", "write")))
.build();
You can configure:
- Discovery URL: Enter the Discovery URL from your identity provider (e.g. Okta, Cognito, etc.), typically found in that provider's documentation. This allows your Agent or Tool to fetch login, downstream resource token, and verification settings.
- Allowed audiences: This is used to validate that the audiences specified for the OAuth token matches or are a subset of the audiences specified in the AgentCore Runtime.
- Allowed clients: This is used to validate that the public identifier of the client, as specified in the authorization token, is allowed to access the AgentCore Runtime.
- Allowed scopes: Allow access only if the token contains at least one of the required scopes configured here.
- Custom claims: A set of rules to match specific claims in the incoming token against predefined values for validating JWT tokens.
Note: The discovery URL must end with /.well-known/openid-configuration.
Custom Claims Validation
Custom claims allow you to validate additional fields in JWT tokens beyond the standard audience, client, and scope validations. You can create custom claims using the RuntimeCustomClaim class:
Repository repository = Repository.Builder.create(this, "TestRepository")
.repositoryName("test-agent-runtime")
.build();
AgentRuntimeArtifact agentRuntimeArtifact = AgentRuntimeArtifact.fromEcrRepository(repository, "v1.0.0");
// String claim - validates that the claim exactly equals the specified value
// Uses EQUALS operator automatically
RuntimeCustomClaim departmentClaim = RuntimeCustomClaim.withStringValue("department", "engineering");
// String array claim with CONTAINS operator (default)
// Validates that the claim array contains a specific string value
// IMPORTANT: CONTAINS requires exactly one value in the array parameter
RuntimeCustomClaim rolesClaim = RuntimeCustomClaim.withStringArrayValue("roles", List.of("admin"));
// String array claim with CONTAINS_ANY operator
// Validates that the claim array contains at least one of the specified values
// Use this when you want to check for multiple possible values
RuntimeCustomClaim permissionsClaim = RuntimeCustomClaim.withStringArrayValue("permissions", List.of("read", "write"), CustomClaimOperator.CONTAINS_ANY);
// Use custom claims in authorizer configuration
Runtime runtime = Runtime.Builder.create(this, "MyAgentRuntime")
.runtimeName("myAgent")
.agentRuntimeArtifact(agentRuntimeArtifact)
.authorizerConfiguration(RuntimeAuthorizerConfiguration.usingJWT("https://example.com/.well-known/openid-configuration", List.of("client1", "client2"), List.of("audience1"), List.of("read", "write"), List.of(departmentClaim, rolesClaim, permissionsClaim)))
.build();
Custom Claim Rules:
- String claims: Must use the
EQUALSoperator (automatically set). The claim value must exactly match the specified string. - String array claims: Can use
CONTAINS(default) orCONTAINS_ANYoperators:CONTAINS: Checks if the claim array contains a specific string value. Requires exactly one value in the array parameter. For example,['admin']will check if the token's claim array contains the string'admin'.CONTAINS_ANY: Checks if the claim array contains at least one of the provided string values. Use this when you want to validate against multiple possible values. For example,['read', 'write']will check if the token's claim array contains either'read'or'write'.
Example Use Cases:
- Use
CONTAINSwhen you need to verify a user has a specific role:RuntimeCustomClaim.withStringArrayValue('roles', ['admin']) - Use
CONTAINS_ANYwhen you need to verify a user has any of several permissions:RuntimeCustomClaim.withStringArrayValue('permissions', ['read', 'write'], CustomClaimOperator.CONTAINS_ANY)
OAuth Authentication
To configure OAuth 2.0 authentication:
Repository repository = Repository.Builder.create(this, "TestRepository")
.repositoryName("test-agent-runtime")
.build();
AgentRuntimeArtifact agentRuntimeArtifact = AgentRuntimeArtifact.fromEcrRepository(repository, "v1.0.0");
Runtime runtime = Runtime.Builder.create(this, "MyAgentRuntime")
.runtimeName("myAgent")
.agentRuntimeArtifact(agentRuntimeArtifact)
.authorizerConfiguration(RuntimeAuthorizerConfiguration.usingOAuth("https://github.com/.well-known/openid-configuration", "oauth_client_123", List.of("audience1"), List.of("openid", "profile")))
.build();
Using a Custom IAM Role
Instead of using the auto-created execution role, you can provide your own IAM role with specific permissions: The auto-created role includes all necessary baseline permissions for ECR access, CloudWatch logging, and X-Ray tracing. When providing a custom role, ensure these permissions are included.
Runtime Network Configuration
The AgentCore Runtime supports two network modes for deployment:
Public Network Mode (Default)
By default, runtimes are deployed in PUBLIC network mode, which provides internet access suitable for less sensitive or open-use scenarios:
Repository repository = Repository.Builder.create(this, "TestRepository")
.repositoryName("test-agent-runtime")
.build();
AgentRuntimeArtifact agentRuntimeArtifact = AgentRuntimeArtifact.fromEcrRepository(repository, "v1.0.0");
// Explicitly using public network (this is the default)
Runtime runtime = Runtime.Builder.create(this, "MyAgentRuntime")
.runtimeName("myAgent")
.agentRuntimeArtifact(agentRuntimeArtifact)
.networkConfiguration(RuntimeNetworkConfiguration.usingPublicNetwork())
.build();
VPC Network Mode
For enhanced security and network isolation, you can deploy your runtime within a VPC:
Repository repository = Repository.Builder.create(this, "TestRepository")
.repositoryName("test-agent-runtime")
.build();
AgentRuntimeArtifact agentRuntimeArtifact = AgentRuntimeArtifact.fromEcrRepository(repository, "v1.0.0");
// Create or use an existing VPC
Vpc vpc = Vpc.Builder.create(this, "MyVpc")
.maxAzs(2)
.build();
// Configure runtime with VPC
Runtime runtime = Runtime.Builder.create(this, "MyAgentRuntime")
.runtimeName("myAgent")
.agentRuntimeArtifact(agentRuntimeArtifact)
.networkConfiguration(RuntimeNetworkConfiguration.usingVpc(this, VpcConfigProps.builder()
.vpc(vpc)
.vpcSubnets(SubnetSelection.builder().subnetType(SubnetType.PRIVATE_WITH_EGRESS).build())
.build()))
.build();
Managing Security Groups with VPC Configuration
When using VPC mode, the Runtime implements ec2.IConnectable, allowing you to manage network access using the connections property:
Vpc vpc = Vpc.Builder.create(this, "MyVpc")
.maxAzs(2)
.build();
Repository repository = Repository.Builder.create(this, "TestRepository")
.repositoryName("test-agent-runtime")
.build();
AgentRuntimeArtifact agentRuntimeArtifact = AgentRuntimeArtifact.fromEcrRepository(repository, "v1.0.0");
// Create runtime with VPC configuration
Runtime runtime = Runtime.Builder.create(this, "MyAgentRuntime")
.runtimeName("myAgent")
.agentRuntimeArtifact(agentRuntimeArtifact)
.networkConfiguration(RuntimeNetworkConfiguration.usingVpc(this, VpcConfigProps.builder()
.vpc(vpc)
.vpcSubnets(SubnetSelection.builder().subnetType(SubnetType.PRIVATE_WITH_EGRESS).build())
.build()))
.build();
// Now you can manage network access using the connections property
// Allow inbound HTTPS traffic from a specific security group
SecurityGroup webServerSecurityGroup = SecurityGroup.Builder.create(this, "WebServerSG").vpc(vpc).build();
runtime.connections.allowFrom(webServerSecurityGroup, Port.tcp(443), "Allow HTTPS from web servers");
// Allow outbound connections to a database
SecurityGroup databaseSecurityGroup = SecurityGroup.Builder.create(this, "DatabaseSG").vpc(vpc).build();
runtime.connections.allowTo(databaseSecurityGroup, Port.tcp(5432), "Allow PostgreSQL connection");
// Allow outbound HTTPS to anywhere (for external API calls)
runtime.connections.allowToAnyIpv4(Port.tcp(443), "Allow HTTPS outbound");
Runtime IAM Permissions
The Runtime construct provides convenient methods for granting IAM permissions to principals that need to invoke the runtime or manage its execution role.
Repository repository = Repository.Builder.create(this, "TestRepository")
.repositoryName("test-agent-runtime")
.build();
AgentRuntimeArtifact agentRuntimeArtifact = AgentRuntimeArtifact.fromEcrRepository(repository, "v1.0.0");
// Create a runtime
Runtime runtime = Runtime.Builder.create(this, "MyRuntime")
.runtimeName("my_runtime")
.agentRuntimeArtifact(agentRuntimeArtifact)
.build();
// Create a Lambda function that needs to invoke the runtime
Function invokerFunction = Function.Builder.create(this, "InvokerFunction")
.runtime(Runtime.PYTHON_3_12)
.handler("index.handler")
.code(Code.fromInline("\nimport boto3\ndef handler(event, context):\n client = boto3.client('bedrock-agentcore')\n # Invoke the runtime...\n "))
.build();
// Grant permission to invoke the runtime directly
runtime.grantInvokeRuntime(invokerFunction);
// Grant permission to invoke the runtime on behalf of a user
// (requires X-Amzn-Bedrock-AgentCore-Runtime-User-Id header)
runtime.grantInvokeRuntimeForUser(invokerFunction);
// Grant both invoke permissions (most common use case)
runtime.grantInvoke(invokerFunction);
// Grant specific custom permissions to the runtime's execution role
runtime.grant(List.of("bedrock:InvokeModel"), List.of("arn:aws:bedrock:*:*:*"));
// Add a policy statement to the runtime's execution role
runtime.addToRolePolicy(PolicyStatement.Builder.create()
.actions(List.of("s3:GetObject"))
.resources(List.of("arn:aws:s3:::my-bucket/*"))
.build());
Other configuration
Lifecycle configuration
The LifecycleConfiguration input parameter to CreateAgentRuntime lets you manage the lifecycle of runtime sessions and resources in Amazon Bedrock AgentCore Runtime. This configuration helps optimize resource utilization by automatically cleaning up idle sessions and preventing long-running instances from consuming resources indefinitely.
You can configure:
- idleRuntimeSessionTimeout: Timeout in seconds for idle runtime sessions. When a session remains idle for this duration, it will trigger termination. Termination can last up to 15 seconds due to logging and other process completion. Default: 900 seconds (15 minutes)
- maxLifetime: Maximum lifetime for the instance in seconds. Once reached, instances will initialize termination. Termination can last up to 15 seconds due to logging and other process completion. Default: 28800 seconds (8 hours)
For additional information, please refer to the documentation.
Repository repository = Repository.Builder.create(this, "TestRepository")
.repositoryName("test-agent-runtime")
.build();
AgentRuntimeArtifact agentRuntimeArtifact = AgentRuntimeArtifact.fromEcrRepository(repository, "v1.0.0");
Runtime.Builder.create(this, "test-runtime")
.runtimeName("test_runtime")
.agentRuntimeArtifact(agentRuntimeArtifact)
.lifecycleConfiguration(LifecycleConfiguration.builder()
.idleRuntimeSessionTimeout(Duration.minutes(10))
.maxLifetime(Duration.hours(4))
.build())
.build();
Request header configuration
Custom headers let you pass contextual information from your application directly to your agent code without cluttering the main request payload. This includes authentication tokens like JWT (JSON Web Tokens, which contain user identity and authorization claims) through the Authorization header, allowing your agent to make decisions based on who is calling it. You can also pass custom metadata like user preferences, session identifiers, or trace context using headers prefixed with X-Amzn-Bedrock-AgentCore-Runtime-Custom-, giving your agent access to up to 20 pieces of runtime context that travel alongside each request. This information can be also used in downstream systems like AgentCore Memory that you can namespace based on those characteristics like user_id or aud in claims like line of business.
For additional information, please refer to the documentation.
Repository repository = Repository.Builder.create(this, "TestRepository")
.repositoryName("test-agent-runtime")
.build();
AgentRuntimeArtifact agentRuntimeArtifact = AgentRuntimeArtifact.fromEcrRepository(repository, "v1.0.0");
Runtime.Builder.create(this, "test-runtime")
.runtimeName("test_runtime")
.agentRuntimeArtifact(agentRuntimeArtifact)
.requestHeaderConfiguration(RequestHeaderConfiguration.builder()
.allowlistedHeaders(List.of("X-Amzn-Bedrock-AgentCore-Runtime-Custom-H1"))
.build())
.build();
Observability configuration
The Runtime construct supports observability features including X-Ray tracing and logging to CloudWatch Logs, S3, or Kinesis Data Firehose. This allows you to monitor and debug your agent runtime invocations.
You can configure:
- tracingEnabled: Enable X-Ray tracing for the runtime
- loggingConfigs: Send APPLICATION_LOGS (agent runtime invocations) and USAGE_LOGS (session-level resource consumption) to CloudWatch Logs, S3, or Kinesis Data Firehose
For additional information, please refer to the Set up logging and tracing for AgentCore.
Repository repository = Repository.Builder.create(this, "TestRepository")
.repositoryName("test-agent-runtime")
.build();
AgentRuntimeArtifact agentRuntimeArtifact = AgentRuntimeArtifact.fromEcrRepository(repository, "v1.0.0");
// Create logging destinations
LogGroup logGroup = new LogGroup(this, "RuntimeLogGroup");
Bucket logBucket = new Bucket(this, "RuntimeLogBucket");
DeliveryStream firehoseStream = DeliveryStream.Builder.create(this, "RuntimeLogStream")
.destination(new S3Bucket(logBucket))
.build();
Runtime.Builder.create(this, "test-runtime")
.runtimeName("test_runtime")
.agentRuntimeArtifact(agentRuntimeArtifact)
.tracingEnabled(true)
.loggingConfigs(List.of(LoggingConfig.builder()
.logType(LogType.APPLICATION_LOGS)
.destination(LoggingDestination.cloudWatchLogs(logGroup))
.build(), LoggingConfig.builder()
.logType(LogType.APPLICATION_LOGS)
.destination(LoggingDestination.s3(logBucket))
.build(), LoggingConfig.builder()
.logType(LogType.APPLICATION_LOGS)
.destination(LoggingDestination.firehose(firehoseStream))
.build()))
.build();
Browser
The Amazon Bedrock AgentCore Browser provides a secure, cloud-based browser that enables AI agents to interact with websites. It includes security features such as session isolation, built-in observability through live viewing, CloudTrail logging, and session replay capabilities.
Additional information about the browser tool can be found in the official documentation
Browser Network modes
The Browser construct supports the following network modes:
- Public Network Mode (
BrowserNetworkMode.usingPublicNetwork()) - Default- Allows internet access for web browsing and external API calls
- Suitable for scenarios where agents need to interact with publicly available websites
- Enables full web browsing capabilities
- VPC mode is not supported with this option
- VPC (Virtual Private Cloud) (
BrowserNetworkMode.usingVpc())- Select whether to run the browser in a virtual private cloud (VPC).
- By configuring VPC connectivity, you enable secure access to private resources such as databases, internal APIs, and services within your VPC.
While the VPC itself is mandatory, these are optional:
- Subnets - if not provided, CDK will select appropriate subnets from the VPC
- Security Groups - if not provided, CDK will create a default security group
- Specific subnet selection criteria - you can let CDK choose automatically
For more information on VPC connectivity for Amazon Bedrock AgentCore Browser, please refer to the official documentation.
Browser Properties
| Name | Type | Required | Description |
|------|------|----------|-------------|
| browserCustomName | string | No | The name of the browser. Must start with a letter and can be up to 48 characters long. Pattern: [a-zA-Z][a-zA-Z0-9_]{0,47}. If not provided, a unique name will be auto-generated |
| description | string | No | Optional description for the browser. Can have up to 200 characters |
| networkConfiguration | BrowserNetworkConfiguration | No | Network configuration for browser. Defaults to PUBLIC network mode |
| recordingConfig | RecordingConfig | No | Recording configuration for browser. Defaults to no recording |
| executionRole | iam.IRole | No | The IAM role that provides permissions for the browser to access AWS services. A new role will be created if not provided |
| tags | { [key: string]: string } | No | Tags to apply to the browser resource |
| browserSigning | BrowserSigning | No | Browser signing configuration. Defaults to DISABLED |
Basic Browser Creation
// Create a basic browser with public network access
BrowserCustom browser = BrowserCustom.Builder.create(this, "MyBrowser")
.browserCustomName("my_browser")
.description("A browser for web automation")
.build();
Browser with Tags
// Create a browser with custom tags
BrowserCustom browser = BrowserCustom.Builder.create(this, "MyBrowser")
.browserCustomName("my_browser")
.description("A browser for web automation with tags")
.networkConfiguration(BrowserNetworkConfiguration.usingPublicNetwork())
.tags(Map.of(
"Environment", "Production",
"Team", "AI/ML",
"Project", "AgentCore"))
.build();
Browser with VPC
BrowserCustom browser = BrowserCustom.Builder.create(this, "BrowserVpcWithRecording")
.browserCustomName("browser_recording")
.networkConfiguration(BrowserNetworkConfiguration.usingVpc(this, VpcConfigProps.builder()
.vpc(Vpc.Builder.create(this, "VPC").restrictDefaultSecurityGroup(false).build())
.build()))
.build();
Browser exposes a connections property. This property returns a connections object, which simplifies the process of defining and managing ingress and egress rules for security groups in your AWS CDK applications. Instead of directly manipulating security group rules, you interact with the Connections object of a construct, which then translates your connectivity requirements into the appropriate security group rules. For instance:
Vpc vpc = new Vpc(this, "testVPC");
BrowserCustom browser = BrowserCustom.Builder.create(this, "test-browser")
.browserCustomName("test_browser")
.networkConfiguration(BrowserNetworkConfiguration.usingVpc(this, VpcConfigProps.builder()
.vpc(vpc)
.build()))
.build();
browser.connections.addSecurityGroup(SecurityGroup.Builder.create(this, "AdditionalGroup").vpc(vpc).build());
So security groups can be added after the browser construct creation. You can use methods like allowFrom() and allowTo() to grant ingress access to/egress access from a specified peer over a given portRange. The Connections object automatically adds the necessary ingress or egress rules to the security group(s) associated with the calling construct.
Browser with Recording Configuration
// Create an S3 bucket for recordings
Bucket recordingBucket = Bucket.Builder.create(this, "RecordingBucket")
.bucketName("my-browser-recordings")
.removalPolicy(RemovalPolicy.DESTROY)
.build();
// Create browser with recording enabled
BrowserCustom browser = BrowserCustom.Builder.create(this, "MyBrowser")
.browserCustomName("my_browser")
.description("Browser with recording enabled")
.networkConfiguration(BrowserNetworkConfiguration.usingPublicNetwork())
.recordingConfig(RecordingConfig.builder()
.enabled(true)
.s3Location(Location.builder()
.bucketName(recordingBucket.getBucketName())
.objectKey("browser-recordings/")
.build())
.build())
.build();
Browser with Custom Execution Role
// Create a custom execution role
Role executionRole = Role.Builder.create(this, "BrowserExecutionRole")
.assumedBy(new ServicePrincipal("bedrock-agentcore.amazonaws.com"))
.managedPolicies(List.of(ManagedPolicy.fromAwsManagedPolicyName("AmazonBedrockAgentCoreBrowserExecutionRolePolicy")))
.build();
// Create browser with custom execution role
BrowserCustom browser = BrowserCustom.Builder.create(this, "MyBrowser")
.browserCustomName("my_browser")
.description("Browser with custom execution role")
.networkConfiguration(BrowserNetworkConfiguration.usingPublicNetwork())
.executionRole(executionRole)
.build();
Browser with S3 Recording and Permissions
// Create an S3 bucket for recordings
Bucket recordingBucket = Bucket.Builder.create(this, "RecordingBucket")
.bucketName("my-browser-recordings")
.removalPolicy(RemovalPolicy.DESTROY)
.build();
// Create browser with recording enabled
BrowserCustom browser = BrowserCustom.Builder.create(this, "MyBrowser")
.browserCustomName("my_browser")
.description("Browser with recording enabled")
.networkConfiguration(BrowserNetworkConfiguration.usingPublicNetwork())
.recordingConfig(RecordingConfig.builder()
.enabled(true)
.s3Location(Location.builder()
.bucketName(recordingBucket.getBucketName())
.objectKey("browser-recordings/")
.build())
.build())
.build();
Browser with Browser signing
AI agents need to browse the web on your behalf. When your agent visits a website to gather information, complete a form, or verify data, it encounters the same defenses designed to stop unwanted bots: CAPTCHAs, rate limits, and outright blocks.
Amazon Bedrock AgentCore Browser supports Web Bot Auth. Web Bot Auth is a draft IETF protocol that gives agents verifiable cryptographic identities. When you enable Web Bot Auth in AgentCore Browser, the service issues cryptographic credentials that websites can verify. The agent presents these credentials with every request. The WAF may now additionally check the signature, confirm it matches a trusted directory, and allow the request through if verified bots are allowed by the domain owner and other WAF checks are clear.
To enable the browser to sign requests using the Web Bot Auth protocol, create a browser tool with the browserSigning configuration:
BrowserCustom browser = BrowserCustom.Builder.create(this, "test-browser")
.browserCustomName("test_browser")
.browserSigning(BrowserSigning.ENABLED)
.build();
Browser IAM Permissions
The Browser construct provides convenient methods for granting IAM permissions:
// Create a browser
BrowserCustom browser = BrowserCustom.Builder.create(this, "MyBrowser")
.browserCustomName("my_browser")
.description("Browser for web automation")
.networkConfiguration(BrowserNetworkConfiguration.usingPublicNetwork())
.build();
// Create a role that needs access to the browser
Role userRole = Role.Builder.create(this, "UserRole")
.assumedBy(new ServicePrincipal("lambda.amazonaws.com"))
.build();
// Grant read permissions (Get and List actions)
browser.grantRead(userRole);
// Grant use permissions (Start, Update, Stop actions)
browser.grantUse(userRole);
// Grant specific custom permissions
browser.grant(userRole, "bedrock-agentcore:GetBrowserSession");
Code Interpreter
The Amazon Bedrock AgentCore Code Interpreter enables AI agents to write and execute code securely in sandbox environments, enhancing their accuracy and expanding their ability to solve complex end-to-end tasks. This is critical in Agentic AI applications where the agents may execute arbitrary code that can lead to data compromise or security risks. The AgentCore Code Interpreter tool provides secure code execution, which helps you avoid running into these issues.
For more information about code interpreter, please refer to the official documentation
Code Interpreter Network Modes
The Code Interpreter construct supports the following network modes:
- Public Network Mode (
CodeInterpreterNetworkMode.usingPublicNetwork()) - Default- Allows internet access for package installation and external API calls
- Suitable for development and testing environments
- Enables downloading Python packages from PyPI
- Sandbox Network Mode (
CodeInterpreterNetworkMode.usingSandboxNetwork())- Isolated network environment with no internet access
- Suitable for production environments with strict security requirements
- Only allows access to pre-installed packages and local resources
- VPC (Virtual Private Cloud) (
CodeInterpreterNetworkMode.usingVpc())- Select whether to run the browser in a virtual private cloud (VPC).
- By configuring VPC connectivity, you enable secure access to private resources such as databases, internal APIs, and services within your VPC.
While the VPC itself is mandatory, these are optional:
- Subnets - if not provided, CDK will select appropriate subnets from the VPC
- Security Groups - if not provided, CDK will create a default security group
- Specific subnet selection criteria - you can let CDK choose automatically
For more information on VPC connectivity for Amazon Bedrock AgentCore Browser, please refer to the official documentation.
Code Interpreter Properties
| Name | Type | Required | Description |
|------|------|----------|-------------|
| codeInterpreterCustomName | string | No | The name of the code interpreter. Must start with a letter and can be up to 48 characters long. Pattern: [a-zA-Z][a-zA-Z0-9_]{0,47}. If not provided, a unique name will be auto-generated |
| description | string | No | Optional description for the code interpreter. Can have up to 200 characters |
| executionRole | iam.IRole | No | The IAM role that provides permissions for the code interpreter to access AWS services. A new role will be created if not provided |
| networkConfiguration | CodeInterpreterNetworkConfiguration | No | Network configuration for code interpreter. Defaults to PUBLIC network mode |
| tags | { [key: string]: string } | No | Tags to apply to the code interpreter resource |
Basic Code Interpreter Creation
// Create a basic code interpreter with public network access
CodeInterpreterCustom codeInterpreter = CodeInterpreterCustom.Builder.create(this, "MyCodeInterpreter")
.codeInterpreterCustomName("my_code_interpreter")
.description("A code interpreter for Python execution")
.build();
Code Interpreter with VPC
CodeInterpreterCustom codeInterpreter = CodeInterpreterCustom.Builder.create(this, "MyCodeInterpreter")
.codeInterpreterCustomName("my_sandbox_interpreter")
.description("Code interpreter with isolated network access")
.networkConfiguration(BrowserNetworkConfiguration.usingVpc(this, VpcConfigProps.builder()
.vpc(Vpc.Builder.create(this, "VPC").restrictDefaultSecurityGroup(false).build())
.build()))
.build();
Code Interpreter exposes a connections property. This property returns a connections object, which simplifies the process of defining and managing ingress and egress rules for security groups in your AWS CDK applications. Instead of directly manipulating security group rules, you interact with the Connections object of a construct, which then translates your connectivity requirements into the appropriate security group rules. For instance:
Vpc vpc = new Vpc(this, "testVPC");
CodeInterpreterCustom codeInterpreter = CodeInterpreterCustom.Builder.create(this, "MyCodeInterpreter")
.codeInterpreterCustomName("my_sandbox_interpreter")
.description("Code interpreter with isolated network access")
.networkConfiguration(BrowserNetworkConfiguration.usingVpc(this, VpcConfigProps.builder()
.vpc(vpc)
.build()))
.build();
codeInterpreter.connections.addSecurityGroup(SecurityGroup.Builder.create(this, "AdditionalGroup").vpc(vpc).build());
So security groups can be added after the browser construct creation. You can use methods like allowFrom() and allowTo() to grant ingress access to/egress access from a specified peer over a given portRange. The Connections object automatically adds the necessary ingress or egress rules to the security group(s) associated with the calling construct.
Code Interpreter with Sandbox Network Mode
// Create code interpreter with sandbox network mode (isolated)
CodeInterpreterCustom codeInterpreter = CodeInterpreterCustom.Builder.create(this, "MyCodeInterpreter")
.codeInterpreterCustomName("my_sandbox_interpreter")
.description("Code interpreter with isolated network access")
.networkConfiguration(CodeInterpreterNetworkConfiguration.usingSandboxNetwork())
.build();
Code Interpreter with Custom Execution Role
// Create a custom execution role
Role executionRole = Role.Builder.create(this, "CodeInterpreterExecutionRole")
.assumedBy(new ServicePrincipal("bedrock-agentcore.amazonaws.com"))
.build();
// Create code interpreter with custom execution role
CodeInterpreterCustom codeInterpreter = CodeInterpreterCustom.Builder.create(this, "MyCodeInterpreter")
.codeInterpreterCustomName("my_code_interpreter")
.description("Code interpreter with custom execution role")
.networkConfiguration(CodeInterpreterNetworkConfiguration.usingPublicNetwork())
.executionRole(executionRole)
.build();
Code Interpreter IAM Permissions
The Code Interpreter construct provides convenient methods for granting IAM permissions:
// Create a code interpreter
CodeInterpreterCustom codeInterpreter = CodeInterpreterCustom.Builder.create(this, "MyCodeInterpreter")
.codeInterpreterCustomName("my_code_interpreter")
.description("Code interpreter for Python execution")
.networkConfiguration(CodeInterpreterNetworkConfiguration.usingPublicNetwork())
.build();
// Create a role that needs access to the code interpreter
Role userRole = Role.Builder.create(this, "UserRole")
.assumedBy(new ServicePrincipal("lambda.amazonaws.com"))
.build();
// Grant read permissions (Get and List actions)
codeInterpreter.grantRead(userRole);
// Grant use permissions (Start, Invoke, Stop actions)
codeInterpreter.grantUse(userRole);
// Grant specific custom permissions
codeInterpreter.grant(userRole, "bedrock-agentcore:GetCodeInterpreterSession");
Code interpreter with tags
// Create code interpreter with sandbox network mode (isolated)
CodeInterpreterCustom codeInterpreter = CodeInterpreterCustom.Builder.create(this, "MyCodeInterpreter")
.codeInterpreterCustomName("my_sandbox_interpreter")
.description("Code interpreter with isolated network access")
.networkConfiguration(CodeInterpreterNetworkConfiguration.usingPublicNetwork())
.tags(Map.of(
"Environment", "Production",
"Team", "AI/ML",
"Project", "AgentCore"))
.build();
Gateway
The Gateway construct provides a way to create Amazon Bedrock Agent Core Gateways, which serve as integration points between agents and external services.
Gateway Properties
| Name | Type | Required | Description |
|------|------|----------|-------------|
| gatewayName | string | No | The name of the gateway. Valid characters are a-z, A-Z, 0-9, _ (underscore) and - (hyphen). Maximum 100 characters. If not provided, a unique name will be auto-generated |
| description | string | No | Optional description for the gateway. Maximum 200 characters |
| protocolConfiguration | IGatewayProtocolConfig | No | The protocol configuration for the gateway. Defaults to MCP protocol |
| authorizerConfiguration | IGatewayAuthorizerConfig | No | The authorizer configuration for the gateway. Defaults to Cognito |
| exceptionLevel | GatewayExceptionLevel | No | The verbosity of exception messages. Use DEBUG mode to see granular exception messages |
| kmsKey | kms.IKey | No | The AWS KMS key used to encrypt data associated with the gateway |
| role | iam.IRole | No | The IAM role that provides permissions for the gateway to access AWS services. A new role will be created if not provided |
| tags | { [key: string]: string } | No | Tags for the gateway. A list of key:value pairs of tags to apply to this Gateway resource |
Basic Gateway Creation
The protocol configuration defaults to MCP and the inbound auth configuration uses Cognito (it is automatically created on your behalf).
// Create a basic gateway with default MCP protocol and Cognito authorizer
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.build();
Protocol configuration
Currently MCP is the only protocol available. To configure it, use the protocol property with McpProtocolConfiguration:
- Instructions: Guidance for how to use the gateway with your tools
- Semantic search: Smart tool discovery that finds the right tools without typical limits. It improves accuracy by finding relevant tools based on context
- Supported versions: Which MCP protocol versions the gateway can use
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.protocolConfiguration(McpProtocolConfiguration.Builder.create()
.instructions("Use this gateway to connect to external MCP tools")
.searchType(McpGatewaySearchType.SEMANTIC)
.supportedVersions(List.of(MCPProtocolVersion.MCP_2025_03_26))
.build())
.build();
Inbound authorization
Before you create your gateway, you must set up inbound authorization. Inbound authorization validates users who attempt to access targets through your AgentCore gateway. By default, if not provided, the construct will create and configure Cognito as the default identity provider (inbound Auth setup). AgentCore supports the following types of inbound authorization:
JSON Web Token (JWT) – A secure and compact token used for authorization. After creating the JWT, you specify it as the authorization configuration when you create the gateway. You can create a JWT with any of the identity providers at Provider setup and configuration.
You can configure a custom authorization provider using the authorizerConfiguration property with GatewayAuthorizer.usingCustomJwt().
You need to specify an OAuth discovery server and client IDs/audiences when you create the gateway. You can specify the following:
- Discovery Url — String that must match the pattern ^.+/.well-known/openid-configuration$ for OpenID Connect discovery URLs
- At least one of the below options depending on the chosen identity provider.
- Allowed audiences — List of allowed audiences for JWT tokens
- Allowed clients — List of allowed client identifiers
- Allowed scopes — List of allowed scopes for JWT tokens
- Custom claims — Optional custom claim validations (see Custom Claims Validation section below)
// Optional: Create custom claims (CustomClaimOperator and GatewayCustomClaim from agentcore)
GatewayCustomClaim[] customClaims = List.of(GatewayCustomClaim.withStringValue("department", "engineering"), GatewayCustomClaim.withStringArrayValue("roles", List.of("admin"), CustomClaimOperator.CONTAINS), GatewayCustomClaim.withStringArrayValue("permissions", List.of("read", "write"), CustomClaimOperator.CONTAINS_ANY));
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.authorizerConfiguration(GatewayAuthorizer.usingCustomJwt(CustomJwtConfiguration.builder()
.discoveryUrl("https://auth.example.com/.well-known/openid-configuration")
.allowedAudience(List.of("my-app"))
.allowedClients(List.of("my-client-id"))
.allowedScopes(List.of("read", "write"))
.customClaims(customClaims)
.build()))
.build();
IAM – Authorizes through the credentials of the AWS IAM identity trying to access the gateway.
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.authorizerConfiguration(GatewayAuthorizer.usingAwsIam())
.build();
// Grant access to a Lambda function's role
Role lambdaRole = Role.Builder.create(this, "LambdaRole")
.assumedBy(new ServicePrincipal("lambda.amazonaws.com"))
.build();
// The Lambda needs permission to invoke the gateway
gateway.grantInvoke(lambdaRole);
No Authorization – Creates a gateway with no inbound authorization. This is useful for building public MCP servers, or when you want to skip gateway-level authentication and enforce tool execution-level authentication using Gateway Interceptors.
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.authorizerConfiguration(GatewayAuthorizer.withNoAuth())
.build();
⚠️ Important: Do not use No Authorization gateways for production workloads unless you have implemented all the security best practices. No Authorization gateways are most appropriate for testing and development purposes. See Security Best Practices for required compensating controls.
For more information, see No Authorization.
Cognito with M2M (Machine-to-Machine) Authentication (Default) – When no authorizer is specified, the construct automatically creates a Cognito User Pool configured for OAuth 2.0 client credentials flow. This enables machine-to-machine authentication suitable for AI agents and service-to-service communication.
For more information, see Setting up Amazon Cognito for Gateway inbound authorization.
// Create a gateway with default Cognito M2M authorizer
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.build();
// Access the Cognito resources for authentication setup
IUserPool userPool = gateway.getUserPool();
IUserPoolClient userPoolClient = gateway.getUserPoolClient();
// Get the token endpoint URL and OAuth scopes for client credentials flow
String tokenEndpointUrl = gateway.getTokenEndpointUrl();
String[] oauthScopes = gateway.getOauthScopes();
Using Cognito User Pool Explicitly with Custom Claims – You can also use an existing Cognito User Pool with custom claims:
UserPool userPool;
UserPoolClient userPoolClient;
// Optional: Create custom claims (CustomClaimOperator and GatewayCustomClaim from agentcore)
GatewayCustomClaim[] customClaims = List.of(GatewayCustomClaim.withStringValue("department", "engineering"), GatewayCustomClaim.withStringArrayValue("roles", List.of("admin"), CustomClaimOperator.CONTAINS), GatewayCustomClaim.withStringArrayValue("permissions", List.of("read", "write"), CustomClaimOperator.CONTAINS_ANY));
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.authorizerConfiguration(GatewayAuthorizer.usingCognito(CognitoAuthorizerProps.builder()
.userPool(userPool)
.allowedClients(List.of(userPoolClient))
.allowedAudiences(List.of("audience1"))
.allowedScopes(List.of("read", "write"))
.customClaims(customClaims)
.build()))
.build();
To authenticate with the gateway, request an access token using the client credentials flow and use it to call Gateway endpoints. For more information about the token endpoint, see The token issuer endpoint.
The following is an example of a token request using curl:
curl -X POST "${TOKEN_ENDPOINT_URL}" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=client_credentials" \
-d "client_id=${USER_POOL_CLIENT_ID}" \
-d "client_secret=${CLIENT_SECRET}" \
-d "scope=${OAUTH_SCOPES}"
Gateway with KMS Encryption
You can provide a KMS key, and configure the authorizer as well as the protocol configuration.
// Create a KMS key for encryption
Key encryptionKey = Key.Builder.create(this, "GatewayEncryptionKey")
.enableKeyRotation(true)
.description("KMS key for gateway encryption")
.build();
// Create gateway with KMS encryption
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-encrypted-gateway")
.description("Gateway with KMS encryption")
.protocolConfiguration(McpProtocolConfiguration.Builder.create()
.instructions("Use this gateway to connect to external MCP tools")
.searchType(McpGatewaySearchType.SEMANTIC)
.supportedVersions(List.of(MCPProtocolVersion.MCP_2025_03_26))
.build())
.authorizerConfiguration(GatewayAuthorizer.usingCustomJwt(CustomJwtConfiguration.builder()
.discoveryUrl("https://auth.example.com/.well-known/openid-configuration")
.allowedAudience(List.of("my-app"))
.allowedClients(List.of("my-client-id"))
.allowedScopes(List.of("read", "write"))
.build()))
.kmsKey(encryptionKey)
.exceptionLevel(GatewayExceptionLevel.DEBUG)
.build();
Gateway with Custom Execution Role
// Create a custom execution role
Role executionRole = Role.Builder.create(this, "GatewayExecutionRole")
.assumedBy(new ServicePrincipal("bedrock-agentcore.amazonaws.com"))
.managedPolicies(List.of(ManagedPolicy.fromAwsManagedPolicyName("AmazonBedrockAgentCoreGatewayExecutionRolePolicy")))
.build();
// Create gateway with custom execution role
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.description("Gateway with custom execution role")
.protocolConfiguration(McpProtocolConfiguration.Builder.create()
.instructions("Use this gateway to connect to external MCP tools")
.searchType(McpGatewaySearchType.SEMANTIC)
.supportedVersions(List.of(MCPProtocolVersion.MCP_2025_03_26))
.build())
.authorizerConfiguration(GatewayAuthorizer.usingCustomJwt(CustomJwtConfiguration.builder()
.discoveryUrl("https://auth.example.com/.well-known/openid-configuration")
.allowedAudience(List.of("my-app"))
.allowedClients(List.of("my-client-id"))
.allowedScopes(List.of("read", "write"))
.build()))
.role(executionRole)
.build();
Gateway IAM Permissions
The Gateway construct provides convenient methods for granting IAM permissions:
// Create a gateway
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.description("Gateway for external service integration")
.protocolConfiguration(McpProtocolConfiguration.Builder.create()
.instructions("Use this gateway to connect to external MCP tools")
.searchType(McpGatewaySearchType.SEMANTIC)
.supportedVersions(List.of(MCPProtocolVersion.MCP_2025_03_26))
.build())
.authorizerConfiguration(GatewayAuthorizer.usingCustomJwt(CustomJwtConfiguration.builder()
.discoveryUrl("https://auth.example.com/.well-known/openid-configuration")
.allowedAudience(List.of("my-app"))
.allowedClients(List.of("my-client-id"))
.allowedScopes(List.of("read", "write"))
.build()))
.build();
// Create a role that needs access to the gateway
Role userRole = Role.Builder.create(this, "UserRole")
.assumedBy(new ServicePrincipal("lambda.amazonaws.com"))
.build();
// Grant read permissions (Get and List actions)
gateway.grantRead(userRole);
// Grant manage permissions (Create, Update, Delete actions)
gateway.grantManage(userRole);
// Grant specific custom permissions
gateway.grant(userRole, "bedrock-agentcore:GetGateway");
Gateway Target
After Creating gateways, you can add targets which define the tools that your gateway will host. Gateway supports multiple target types including Lambda functions and API specifications (either OpenAPI schemas or Smithy models). Gateway allows you to attach multiple targets to a Gateway and you can change the targets / tools attached to a gateway at any point. Each target can have its own credential provider attached enabling you to securely access targets whether they need IAM, API Key, or OAuth credentials.
Gateway Target Properties
| Name | Type | Required | Description |
|------|------|----------|-------------|
| gatewayTargetName | string | No | The name of the gateway target. Valid characters are a-z, A-Z, 0-9, _ (underscore) and - (hyphen). If not provided, a unique name will be auto-generated |
| description | string | No | Optional description for the gateway target. Maximum 200 characters |
| gateway | IGateway | Yes | The gateway this target belongs to |
| targetConfiguration | ITargetConfiguration | Yes | The target configuration (Lambda, OpenAPI, Smithy, or API Gateway). Note: Users typically don't create this directly. When using convenience methods like GatewayTarget.forLambda(), GatewayTarget.forOpenApi(), GatewayTarget.forSmithy(), GatewayTarget.forApiGateway(), GatewayTarget.forMcpServer() or the gateway's addLambdaTarget(), addOpenApiTarget(), addSmithyTarget(), addApiGatewayTarget(), addMcpServerTarget() methods, this configuration is created internally for you. Only needed when using the GatewayTarget constructor directly for advanced scenarios. |
| credentialProviderConfigurations | IGatewayCredentialProvider[] | No | Credential providers for authentication. Defaults to [GatewayCredentialProvider.fromIamRole()]. With Token Vault L2 constructs, prefer GatewayCredentialProvider.fromApiKeyIdentity() / fromOauthIdentity(); otherwise use fromApiKeyIdentityArn() / fromOauthIdentityArn(), or fromIamRole() |
| validateOpenApiSchema | boolean | No | (OpenAPI targets only) Whether to validate the OpenAPI schema at synthesis time. Defaults to true. Only applies to inline and local asset schemas. For more information refer here https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/gateway-schema-openapi.html |
This approach gives you full control over the configuration but is typically not necessary for most use cases.
Targets types
You can create the following targets types:
Lambda Target: Lambda targets allow you to connect your gateway to AWS Lambda functions that implement your tools. This is useful when you want to execute custom code in response to tool invocations.
- Supports GATEWAY_IAM_ROLE credential provider only
- Ideal for custom serverless function integration
- Need tool schema (tool schema is a blueprint that describes the functions your Lambda provides to AI agents). The construct provide 3 ways to upload a tool schema to Lambda target
- When using the default IAM authentication (no
credentialProviderConfigurationsspecified), the construct automatocally grants the gateway role permission to invoke your Lambda function (lambda:InvokeFunction).
OpenAPI Schema Target : OpenAPI widely used standard for describing RESTful APIs. Gateway supports OpenAPI 3.0 specifications for defining API targets. It connects to REST APIs using OpenAPI specifications
- Supports OAUTH and API_KEY credential providers (Do not support IAM, you must provide
credentialProviderConfigurations) - Ideal for integrating with external REST services
- Need API schema. The construct provide 3 ways to upload a API schema to OpenAPI target
Smithy Model Target : Smithy is a language for defining services and software development kits (SDKs). Smithy models provide a more structured approach to defining APIs compared to OpenAPI, and are particularly useful for connecting to AWS services. AgentCore Gateway supports built-in AWS service models only. It connects to services using Smithy model definitions
- Supports OAUTH and API_KEY credential providers
- Ideal for AWS service integrations
- Need API schema. The construct provide 3 ways to upload a API schema to Smity target
- When using the default IAM authentication (no
credentialProviderConfigurationsspecified), The construct only grants permission to read the Smithy schema file from S3. You MUST manually grant permissions for the gateway role to invoke the actual Smithy API endpoints
Note: For Smithy model targets that access AWS services, your Gateway's execution role needs permissions to access those services. For example, for a DynamoDB target, your execution role needs permissions to perform DynamoDB operations. This is not managed by the construct due to the large number of options. Please refer to Smithy Model Permission for example.
MCP Server Target: Model Context Protocol (MCP) servers provide external tools, data access, and custom functions for AI agents. MCP servers enable agents to interact with external systems and services through a standardized protocol. Gateway automatically discovers and indexes available tools from MCP servers through synchronization.
Key Features:
- Requires explicit authentication configuration (OAuth2 recommended, empty array for NoAuth)
- Ideal for connecting to external MCP-compliant servers
- The endpoint must use HTTPS protocol
- Supported MCP protocol versions: 2025-06-18, 2025-03-26
- Automatic tool discovery through synchronization
Synchronization Behavior:
MCP Server targets require synchronization to discover and index available tools:
- Implicit Synchronization (Automatic): Tool discovery happens automatically during:
- Target creation (
CreateGatewayTarget) - Target updates (
UpdateGatewayTarget) - The Gateway calls the MCP server's
tools/listendpoint and indexes tools without user intervention
- Target creation (
- Explicit Synchronization (Manual): When the MCP server's tools change independently (new tools added, schemas modified, tools removed):
- The Gateway's tool catalog becomes stale
- Call the
SynchronizeGatewayTargetsAPI to refresh the catalog - Use the
grantSync()method to grant permissions to Lambda functions, CI/CD pipelines, or scheduled tasks that will trigger synchronization
Authentication & Permissions:
When using OAuth2, the Gateway service role automatically receives:
bedrock-agentcore:GetWorkloadAccessTokenbedrock-agentcore:GetResourceOauth2Tokensecretsmanager:GetSecretValue- KMS decrypt (if secrets are encrypted)
For explicit synchronization, use grantSync() to grant bedrock-agentcore:SynchronizeGatewayTargets permission to your operator roles.
For more information, refer to the MCP Server Target documentation.
Understanding Tool Naming
When tools are exposed through gateway targets, AgentCore Gateway prefixes each tool name with the target name to ensure uniqueness across multiple targets. This is important to understand when building your application logic.
Naming Pattern:
Example:
If your target is named my-lambda-target and provides a tool called calculate_price, agents will discover and invoke it as my-lambda-target__calculate_price.
Important Considerations:
- For Lambda Targets: Your Lambda handler must strip the target name prefix before processing the tool request. The full tool name (with prefix) is sent in the event.
- For MCP Server Targets: The MCP server receives tool calls with the prefixed name from the gateway.
- For OpenAPI/Smithy Targets: The gateway handles the prefix automatically when mapping to API operations based on the
operationId.
This naming convention ensures that:
- Tools from different targets don't collide even if they have the same name
- Agents can access tools from multiple targets through a single gateway
- Tool names remain unique in the unified tool catalog
For more details, see the Gateway Tool Naming Documentation.
Tools schema For Lambda target
The lambda target need tools schema to understand the fuunction lambda provides. You can upload the tool schema by following 3 ways:
- From a local asset file
ToolSchema toolSchema = ToolSchema.fromLocalAsset(path.join(__dirname, "schemas", "my-tool-schema.json"));
- From an existing S3 file:
S3ToolSchema toolSchema = ToolSchema.fromS3File(Bucket.fromBucketName(this, "SchemasBucket", "my-schemas-bucket"), "tools/complex-tool-schema.json", "123456789012");
- From Inline:
InlineToolSchema toolSchema = ToolSchema.fromInline(List.of(ToolDefinition.builder()
.name("hello_world")
.description("A simple hello world tool")
.inputSchema(SchemaDefinition.builder()
.type(SchemaDefinitionType.OBJECT)
.properties(Map.of(
"name", SchemaDefinition.builder()
.type(SchemaDefinitionType.STRING)
.description("The name to greet")
.build()))
.required(List.of("name"))
.build())
.build()));
Api schema For OpenAPI and Smithy target
The OpenAPI and Smithy target need API Schema. The Gateway construct provide three ways to upload API schema for your target:
- From a local asset file (requires binding to scope):
// When using ApiSchema.fromLocalAsset, you must bind the schema to a scope AssetApiSchema schema = ApiSchema.fromLocalAsset(path.join(__dirname, "mySchema.yml")); schema.bind(this);
- From an inline schema:
InlineApiSchema inlineSchema = ApiSchema.fromInline("\nopenapi: 3.0.3\ninfo:\n title: Library API\n version: 1.0.0\npaths:\n /search:\n get:\n summary: Search for books\n operationId: searchBooks\n parameters:\n - name: query\n in: query\n required: true\n schema:\n type: string\n");
- From an existing S3 file:
IBucket bucket = Bucket.fromBucketName(this, "ExistingBucket", "my-schema-bucket"); S3ApiSchema s3Schema = ApiSchema.fromS3File(bucket, "schemas/action-group.yaml");
Outbound auth
Outbound authorization lets Amazon Bedrock AgentCore gateways securely access gateway targets on behalf of users authenticated and authorized during Inbound Auth.
AgentCore Gateway supports the following types of outbound authorization:
IAM-based outbound authorization – The gateway uses its execution role to authenticate with AWS services. This is the default and most common approach for Lambda targets and AWS service integrations.
2-legged OAuth (OAuth 2LO) – Use OAuth 2.0 two-legged flow (2LO) for targets that require OAuth authentication. The gateway authenticates on its own behalf, not on behalf of a user.
API key – Use the AgentCore service/AWS console to generate an API key to authenticate access to the gateway target.
**Note > You need to set up the outbound identity before you can create a gateway target.
Token Vault credential providers
AgentCore stores outbound API key and OAuth2 client credentials in Token Vault. This module includes L2 constructs that create those resources and connect them to gateway targets.
Shared OAuth2 fields — Every OAuth2CredentialProvider factory accepts the same clientId and clientSecret, plus optional oAuth2CredentialProviderName and tags. Extra properties appear only when an IdP needs them (for example tenantId for Microsoft, or issuer / endpoint overrides for Okta and other included configurations).
Vendor factories — Prefer OAuth2CredentialProvider.usingSlack, .usingGithub, .usingGoogle, .usingMicrosoft, .usingOkta, .usingAuth0, .usingCognito, and the other using* helpers for known providers. Each maps to the matching CloudFormation included provider configuration.
Custom OAuth2 (usingCustom) — Supply exactly one of:
discoveryUrl— OIDC/OAuth2 discovery document URL (for examplehttps://idp.example.com/.well-known/openid-configuration), orauthorizationServerMetadata— Manual authorization server metadata (issuer,authorizationEndpoint,tokenEndpoint, and other fields supported by theAWS::BedrockAgentCore::OAuth2CredentialProviderresource).
Do not pass both. The construct validates this at synthesis time when values are known; if you use CDK tokens, ensure the resolved template still satisfies the service rules.
Wiring to gateway targets — After you create a provider in CDK, pass the construct to GatewayCredentialProvider.fromOauthIdentity() or fromApiKeyIdentity() (optional API key header/query settings go in the second argument for API keys). Alternatively, call bindForGatewayOAuthTarget / bindForGatewayApiKeyTarget on the provider and pass that object to fromOauthIdentityArn / fromApiKeyIdentityArn. You can still pass raw ARNs from the console or API when the provider already exists.
Example: GitHub OAuth2 and an MCP target
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.build();
OAuth2CredentialProvider oauth = OAuth2CredentialProvider.usingGithub(this, "GhOAuth", GithubOAuth2CredentialProviderProps.builder()
.oAuth2CredentialProviderName("github-oauth")
.clientId("your-client-id")
.clientSecret(SecretValue.unsafePlainText("your-client-secret"))
.build());
gateway.addMcpServerTarget("Mcp", AddMcpServerTargetOptions.builder()
.gatewayTargetName("mcp-server")
.description("MCP with GitHub OAuth")
.endpoint("https://my-mcp-server.example.com")
.credentialProviderConfigurations(List.of(GatewayCredentialProvider.fromOauthIdentity(oauth, FromOauthIdentityOptions.builder()
.scopes(List.of("read:user"))
.build())))
.build());
Example: custom IdP with a discovery URL
OAuth2CredentialProvider.usingCustom(this, "CustomOAuth", CustomOAuth2CredentialProviderProps.builder()
.oAuth2CredentialProviderName("custom-idp")
.clientId("your-client-id")
.clientSecret(SecretValue.unsafePlainText("your-client-secret"))
.discoveryUrl("https://idp.example.com/.well-known/openid-configuration")
.build());
Example: custom IdP with explicit authorization server metadata
OAuth2CredentialProvider.usingCustom(this, "CustomOAuthMeta", CustomOAuth2CredentialProviderProps.builder()
.clientId("your-client-id")
.clientSecret(SecretValue.unsafePlainText("your-client-secret"))
.authorizationServerMetadata(OAuth2AuthorizationServerMetadata.builder()
.issuer("https://idp.example.com")
.authorizationEndpoint("https://idp.example.com/oauth2/authorize")
.tokenEndpoint("https://idp.example.com/oauth2/token")
.build())
.build());
Workload identities
A workload identity is the stable identity of an agent in your AWS account within the AgentCore Identity model. It ties together IAM roles, OAuth2 flows, API keys, and workload access tokens so agents can authenticate consistently across environments. For conceptual background, see Understanding workload identities.
Agent identity directory — Each account has a single logical directory that holds every workload identity, whether it was created by AgentCore Runtime, AgentCore Gateway, or manually (for example through CloudFormation or the control-plane API). The directory is created automatically when the first workload identity exists. Resource ARNs follow the pattern described in Understanding the agent identity directory (workload-identity-directory/default and child workload-identity/<name> entries).
When to create one in CDK — Runtime and Gateway can create workload identities for you during deployment. Use the WorkloadIdentity L2 when you need a manually defined identity (custom name, allowed OAuth2 return URLs, tags) or when integrating workloads that are not driven by those services.
Construct — WorkloadIdentity maps to AWS::BedrockAgentCore::WorkloadIdentity. It exposes workloadIdentityArn, workloadIdentityName, and workloadIdentityRef for wiring into IAM or other AgentCore resources. Import an existing identity with WorkloadIdentity.fromWorkloadIdentityAttributes. Grant helpers (grantRead, grantAdmin, grantFullAccess) align with directory-level IAM patterns such as listing identities on the directory resource and scoping mutations to specific identity ARNs.
Example
WorkloadIdentity.Builder.create(this, "MyWorkloadIdentity")
.workloadIdentityName("customer-support-agent-prod")
.allowedResourceOauth2ReturnUrls(List.of("https://app.example.com/oauth/callback"))
.tags(Map.of("team", "agents", "env", "prod"))
.build();
Basic Gateway Target Creation
You can create targets in two ways: using the static factory methods on GatewayTarget or using the convenient addTarget methods on the gateway instance.
Using addTarget methods (Recommended)
This approach is recommended for most use cases, especially when creating targets alongside the gateway. It provides a cleaner, more fluent API by eliminating the need to explicitly pass the gateway reference.
Below are the examples on how you can create Lambda, Smithy, OpenAPI, MCP Server, and API Gateway targets using addTarget methods.
// Create a gateway first
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.build();
Function lambdaFunction = Function.Builder.create(this, "MyFunction")
.runtime(Runtime.NODEJS_22_X)
.handler("index.handler")
.code(Code.fromInline("\n exports.handler = async (event) => {\n return {\n statusCode: 200,\n body: JSON.stringify({ message: 'Hello from Lambda!' })\n };\n };\n "))
.build();
GatewayTarget lambdaTarget = gateway.addLambdaTarget("MyLambdaTarget", AddLambdaTargetOptions.builder()
.gatewayTargetName("my-lambda-target")
.description("Lambda function target")
.lambdaFunction(lambdaFunction)
.toolSchema(ToolSchema.fromInline(List.of(ToolDefinition.builder()
.name("hello_world")
.description("A simple hello world tool")
.inputSchema(SchemaDefinition.builder()
.type(SchemaDefinitionType.OBJECT)
.properties(Map.of(
"name", SchemaDefinition.builder()
.type(SchemaDefinitionType.STRING)
.description("The name to greet")
.build()))
.required(List.of("name"))
.build())
.build())))
.build());
- OpenAPI Target (using Token Vault L2 construct — preferred)
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.build();
// Create an API key credential provider in Token Vault
ApiKeyCredentialProvider apiKeyProvider = ApiKeyCredentialProvider.Builder.create(this, "MyApiKeyProvider")
.apiKeyCredentialProviderName("my-apikey")
.build();
IBucket bucket = Bucket.fromBucketName(this, "ExistingBucket", "my-schema-bucket");
S3ApiSchema s3mySchema = ApiSchema.fromS3File(bucket, "schemas/myschema.yaml");
// Add an OpenAPI target using the L2 construct directly
GatewayTarget target = gateway.addOpenApiTarget("MyTarget", AddOpenApiTargetOptions.builder()
.gatewayTargetName("my-api-target")
.description("Target for external API integration")
.apiSchema(s3mySchema)
.credentialProviderConfigurations(List.of(GatewayCredentialProvider.fromApiKeyIdentity(apiKeyProvider, FromApiKeyIdentityOptions.builder()
.credentialLocation(ApiKeyCredentialLocation.header(ApiKeyAdditionalConfiguration.builder()
.credentialParameterName("X-API-Key")
.build()))
.build())))
.build());
// This makes sure your s3 bucket is available before target
target.node.addDependency(bucket);
- OpenAPI Target (using ARNs — for providers created outside of CDK)
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.build();
// ARNs from the console/API, or from ApiKeyCredentialProvider + bindForGatewayApiKeyTarget
String apiKeyProviderArn = "arn:aws:bedrock-agentcore:us-east-1:123456789012:token-vault/abc123/apikeycredentialprovider/my-apikey";
String apiKeySecretArn = "arn:aws:secretsmanager:us-east-1:123456789012:secret:my-apikey-secret-abc123";
IBucket bucket = Bucket.fromBucketName(this, "ExistingBucket", "my-schema-bucket");
S3ApiSchema s3mySchema = ApiSchema.fromS3File(bucket, "schemas/myschema.yaml");
// Add an OpenAPI target using ARNs directly
GatewayTarget target = gateway.addOpenApiTarget("MyTarget", AddOpenApiTargetOptions.builder()
.gatewayTargetName("my-api-target")
.description("Target for external API integration")
.apiSchema(s3mySchema)
.credentialProviderConfigurations(List.of(GatewayCredentialProvider.fromApiKeyIdentityArn(ApiKeyCredentialProviderOptions.builder()
.providerArn(apiKeyProviderArn)
.secretArn(apiKeySecretArn)
.credentialLocation(ApiKeyCredentialLocation.header(ApiKeyAdditionalConfiguration.builder()
.credentialParameterName("X-API-Key")
.build()))
.build())))
.build());
// This makes sure your s3 bucket is available before target
target.node.addDependency(bucket);
- Smithy Target
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.build();
AssetApiSchema smithySchema = ApiSchema.fromLocalAsset(path.join(__dirname, "models", "smithy-model.json"));
smithySchema.bind(this);
GatewayTarget smithyTarget = gateway.addSmithyTarget("MySmithyTarget", AddSmithyTargetOptions.builder()
.gatewayTargetName("my-smithy-target")
.description("Smithy model target")
.smithyModel(smithySchema)
.build());
- MCP Server Target
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.build();
// OAuth2 (recommended): use OAuth2CredentialProvider + bindForGatewayOAuthTarget, or ARNs from console/API
String oauthProviderArn = "arn:aws:bedrock-agentcore:us-east-1:123456789012:token-vault/abc123/oauth2credentialprovider/my-oauth";
String oauthSecretArn = "arn:aws:secretsmanager:us-east-1:123456789012:secret:my-oauth-secret-abc123";
// Add an MCP server target directly to the gateway
GatewayTarget mcpTarget = gateway.addMcpServerTarget("MyMcpServer", AddMcpServerTargetOptions.builder()
.gatewayTargetName("my-mcp-server")
.description("External MCP server integration")
.endpoint("https://my-mcp-server.example.com")
.credentialProviderConfigurations(List.of(GatewayCredentialProvider.fromOauthIdentityArn(OAuthConfiguration.builder()
.providerArn(oauthProviderArn)
.secretArn(oauthSecretArn)
.scopes(List.of("mcp-runtime-server/invoke"))
.build())))
.build());
// Grant sync permission to a Lambda function that will trigger synchronization
Function syncFunction = Function.Builder.create(this, "SyncFunction")
.runtime(Runtime.PYTHON_3_12)
.handler("index.handler")
.code(Code.fromInline("\nimport boto3\n\ndef handler(event, context):\n client = boto3.client('bedrock-agentcore')\n response = client.synchronize_gateway_targets(\n gatewayIdentifier=event['gatewayId'],\n targetIds=[event['targetId']]\n )\n return response\n "))
.build();
mcpTarget.grantSync(syncFunction);
- API Gateway Target
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.build();
RestApi api = RestApi.Builder.create(this, "MyApi")
.restApiName("my-api")
.build();
// Uses IAM authorization for outbound auth by default
GatewayTarget apiGatewayTarget = gateway.addApiGatewayTarget("MyApiGatewayTarget", AddApiGatewayTargetOptions.builder()
.restApi(api)
.apiGatewayToolConfiguration(ApiGatewayToolConfiguration.builder()
.toolFilters(List.of(ApiGatewayToolFilter.builder()
.filterPath("/pets/*")
.methods(List.of(ApiGatewayHttpMethod.GET))
.build()))
.build())
.build());
Using static factory methods
Use static factory methods when working with imported gateways, creating targets in different constructs/stacks, or when you need more explicit control over the construct tree hierarchy.
Create Gateway target using static convenience methods.
- Lambda Target
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.build();
Function lambdaFunction = Function.Builder.create(this, "MyFunction")
.runtime(Runtime.NODEJS_22_X)
.handler("index.handler")
.code(Code.fromInline("\n exports.handler = async (event) => {\n return {\n statusCode: 200,\n body: JSON.stringify({ message: 'Hello from Lambda!' })\n };\n };\n "))
.build();
// Create a gateway target with Lambda and tool schema
GatewayTarget target = GatewayTarget.forLambda(this, "MyLambdaTarget", GatewayTargetLambdaProps.builder()
.gatewayTargetName("my-lambda-target")
.description("Target for Lambda function integration")
.gateway(gateway)
.lambdaFunction(lambdaFunction)
.toolSchema(ToolSchema.fromLocalAsset(path.join(__dirname, "schemas", "my-tool-schema.json")))
.build());
- OpenAPI Target
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.build();
// Outbound auth: ApiKeyCredentialProvider + bindForGatewayApiKeyTarget, or ARNs from console/API
String apiKeyIdentityArn = "arn:aws:bedrock-agentcore:us-east-1:123456789012:token-vault/abc123/apikeycredentialprovider/my-apikey";
String apiKeySecretArn = "arn:aws:secretsmanager:us-east-1:123456789012:secret:my-apikey-secret-abc123";
AssetApiSchema opneapiSchema = ApiSchema.fromLocalAsset(path.join(__dirname, "mySchema.yml"));
opneapiSchema.bind(this);
// Create a gateway target with OpenAPI Schema
GatewayTarget target = GatewayTarget.forOpenApi(this, "MyTarget", GatewayTargetOpenApiProps.builder()
.gatewayTargetName("my-api-target")
.description("Target for external API integration")
.gateway(gateway) // Note: you need to pass the gateway reference
.apiSchema(opneapiSchema)
.credentialProviderConfigurations(List.of(GatewayCredentialProvider.fromApiKeyIdentityArn(ApiKeyCredentialProviderOptions.builder()
.providerArn(apiKeyIdentityArn)
.secretArn(apiKeySecretArn)
.build())))
.build());
- Smithy Target
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.build();
AssetApiSchema smithySchema = ApiSchema.fromLocalAsset(path.join(__dirname, "models", "smithy-model.json"));
smithySchema.bind(this);
// Create a gateway target with Smithy Model and OAuth
GatewayTarget target = GatewayTarget.forSmithy(this, "MySmithyTarget", GatewayTargetSmithyProps.builder()
.gatewayTargetName("my-smithy-target")
.description("Target for Smithy model integration")
.gateway(gateway)
.smithyModel(smithySchema)
.build());
- MCP Server Target
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.build();
// OAuth2 (recommended): use OAuth2CredentialProvider + bindForGatewayOAuthTarget, or ARNs from console/API
String oauthProviderArn = "arn:aws:bedrock-agentcore:us-east-1:123456789012:token-vault/abc123/oauth2credentialprovider/my-oauth";
String oauthSecretArn = "arn:aws:secretsmanager:us-east-1:123456789012:secret:my-oauth-secret-abc123";
// Create a gateway target with MCP Server
GatewayTarget mcpTarget = GatewayTarget.forMcpServer(this, "MyMcpServer", GatewayTargetMcpServerProps.builder()
.gatewayTargetName("my-mcp-server")
.description("External MCP server integration")
.gateway(gateway)
.endpoint("https://my-mcp-server.example.com")
.credentialProviderConfigurations(List.of(GatewayCredentialProvider.fromOauthIdentityArn(OAuthConfiguration.builder()
.providerArn(oauthProviderArn)
.secretArn(oauthSecretArn)
.scopes(List.of("mcp-runtime-server/invoke"))
.build())))
.build());
- API Gateway Target
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.build();
RestApi api = RestApi.Builder.create(this, "MyApi")
.restApiName("my-api")
.build();
// Create a gateway target using the static factory method
GatewayTarget apiGatewayTarget = GatewayTarget.forApiGateway(this, "MyApiGatewayTarget", GatewayTargetApiGatewayProps.builder()
.gatewayTargetName("my-api-gateway-target")
.description("Target for API Gateway REST API integration")
.gateway(gateway)
.restApi(api)
.apiGatewayToolConfiguration(ApiGatewayToolConfiguration.builder()
.toolFilters(List.of(ApiGatewayToolFilter.builder()
.filterPath("/pets/*")
.methods(List.of(ApiGatewayHttpMethod.GET, ApiGatewayHttpMethod.POST))
.build()))
.build())
.metadataConfiguration(MetadataConfiguration.builder()
.allowedRequestHeaders(List.of("X-User-Id"))
.allowedQueryParameters(List.of("limit"))
.build())
.build());
Advanced Usage: Direct Configuration for gateway target
For advanced use cases where you need full control over the target configuration, you can create configurations manually using the static factory methods and use the GatewayTarget constructor directly.
Configuration Factory Methods
Each target type has a corresponding configuration class with a static create() method:
- Lambda:
LambdaTargetConfiguration.create(lambdaFunction, toolSchema) - OpenAPI:
OpenApiTargetConfiguration.create(apiSchema, validateSchema?) - Smithy:
SmithyTargetConfiguration.create(smithyModel) - API Gateway:
ApiGatewayTargetConfiguration.create(props)
Example: Lambda Target with Custom Configuration
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.build();
Function myLambdaFunction = Function.Builder.create(this, "MyFunction")
.runtime(Runtime.NODEJS_22_X)
.handler("index.handler")
.code(Code.fromInline("\n exports.handler = async (event) => ({ statusCode: 200 });\n "))
.build();
InlineToolSchema myToolSchema = ToolSchema.fromInline(List.of(ToolDefinition.builder()
.name("my_tool")
.description("My custom tool")
.inputSchema(SchemaDefinition.builder()
.type(SchemaDefinitionType.OBJECT)
.properties(Map.of())
.build())
.build()));
// Create a custom Lambda configuration
LambdaTargetConfiguration customConfig = LambdaTargetConfiguration.create(myLambdaFunction, myToolSchema);
// Use the GatewayTarget constructor directly
GatewayTarget target = GatewayTarget.Builder.create(this, "AdvancedTarget")
.gateway(gateway)
.gatewayTargetName("advanced-target")
.targetConfiguration(customConfig) // Manually created configuration
.credentialProviderConfigurations(List.of(GatewayCredentialProvider.fromIamRole()))
.build();
This approach gives you full control over the configuration but is typically not necessary for most use cases. The convenience methods (GatewayTarget.forLambda(), GatewayTarget.forOpenApi(), GatewayTarget.forSmithy(), GatewayTarget.forApiGateway()) handle all of this internally.
Gateway Interceptors
Gateway interceptors allow you to run custom code during each gateway invocation to implement fine-grained access control, transform requests and responses, or implement custom authorization logic. A gateway can have at most one REQUEST interceptor and one RESPONSE interceptor.
Interceptor Types:
- REQUEST interceptors: Execute before the gateway calls the target. Useful for request validation, transformation, or custom authorization
- RESPONSE interceptors: Execute after the target responds but before the gateway sends the response back. Useful for response transformation, filtering, or adding custom headers
Security Best Practices:
- Keep
passRequestHeadersdisabled unless absolutely necessary (default: false) - Implement idempotent Lambda functions (gateway may retry on failures)
- Restrict gateway execution role to specific Lambda functions
- Avoid logging sensitive information in your interceptor
For more information, see the Gateway Interceptors documentation.
Adding Interceptors via Constructor
// Create Lambda functions for interceptors
Function requestInterceptorFn = Function.Builder.create(this, "RequestInterceptor")
.runtime(Runtime.PYTHON_3_12)
.handler("index.handler")
.code(Code.fromInline("\ndef handler(event, context):\n # Validate and transform request\n return {\n \"interceptorOutputVersion\": \"1.0\",\n \"mcp\": {\n \"transformedGatewayRequest\": event[\"mcp\"][\"gatewayRequest\"]\n }\n }\n "))
.build();
Function responseInterceptorFn = Function.Builder.create(this, "ResponseInterceptor")
.runtime(Runtime.PYTHON_3_12)
.handler("index.handler")
.code(Code.fromInline("\ndef handler(event, context):\n # Filter or transform response\n return {\n \"interceptorOutputVersion\": \"1.0\",\n \"mcp\": {\n \"transformedGatewayResponse\": event[\"mcp\"][\"gatewayResponse\"]\n }\n }\n "))
.build();
// Create gateway with interceptors
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.interceptorConfigurations(List.of(LambdaInterceptor.forRequest(requestInterceptorFn, InterceptorOptions.builder()
.passRequestHeaders(true)
.build()), LambdaInterceptor.forResponse(responseInterceptorFn)))
.build();
Automatic Permission Granting:
When you add a Lambda interceptor to a gateway (either via constructor or addInterceptor()), the gateway's IAM role automatically receives lambda:InvokeFunction permission on the Lambda function. This permission grant happens internally during the bind process - you do not need to manually configure these IAM permissions.
Adding Interceptors Dynamically
// Create a gateway first
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.build();
// Create Lambda functions for interceptors
Function requestInterceptorFn = Function.Builder.create(this, "RequestInterceptor")
.runtime(Runtime.PYTHON_3_12)
.handler("index.handler")
.code(Code.fromInline("\ndef handler(event, context):\n # Custom request validation logic\n return {\n \"interceptorOutputVersion\": \"1.0\",\n \"mcp\": {\n \"transformedGatewayRequest\": event[\"mcp\"][\"gatewayRequest\"]\n }\n }\n "))
.build();
Function responseInterceptorFn = Function.Builder.create(this, "ResponseInterceptor")
.runtime(Runtime.PYTHON_3_12)
.handler("index.handler")
.code(Code.fromInline("\ndef handler(event, context):\n # Filter sensitive data from response\n return {\n \"interceptorOutputVersion\": \"1.0\",\n \"mcp\": {\n \"transformedGatewayResponse\": event[\"mcp\"][\"gatewayResponse\"]\n }\n }\n "))
.build();
gateway.addInterceptor(LambdaInterceptor.forRequest(requestInterceptorFn, InterceptorOptions.builder()
.passRequestHeaders(false)
.build()));
gateway.addInterceptor(LambdaInterceptor.forResponse(responseInterceptorFn));
Gateway Target IAM Permissions
The Gateway Target construct provides convenient methods for granting IAM permissions:
// Create a gateway and target
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.build();
AssetApiSchema smithySchema = ApiSchema.fromLocalAsset(path.join(__dirname, "models", "smithy-model.json"));
smithySchema.bind(this);
// Create a gateway target with Smithy Model and OAuth
GatewayTarget target = GatewayTarget.forSmithy(this, "MySmithyTarget", GatewayTargetSmithyProps.builder()
.gatewayTargetName("my-smithy-target")
.description("Target for Smithy model integration")
.gateway(gateway)
.smithyModel(smithySchema)
.build());
// Create a role that needs access to the gateway target
Role userRole = Role.Builder.create(this, "UserRole")
.assumedBy(new ServicePrincipal("lambda.amazonaws.com"))
.build();
// Grant read permissions (Get and List actions)
target.grantRead(userRole);
// Grant manage permissions (Create, Update, Delete actions)
target.grantManage(userRole);
// Grant specific custom permissions
target.grant(userRole, "bedrock-agentcore:GetGatewayTarget");
// Grants permission to invoke this Gateway
gateway.grantInvoke(userRole);
Memory
Memory is a critical component of intelligence. While Large Language Models (LLMs) have impressive capabilities, they lack persistent memory across conversations. Amazon Bedrock AgentCore Memory addresses this limitation by providing a managed service that enables AI agents to maintain context over time, remember important facts, and deliver consistent, personalized experiences.
AgentCore Memory operates on two levels:
- Short-Term Memory: Immediate conversation context and session-based information that provides continuity within a single interaction or closely related sessions.
- Long-Term Memory: Persistent information extracted and stored across multiple conversations, including facts, preferences, and summaries that enable personalized experiences over time.
When you interact with the memory via the CreateEvent API, you store interactions in Short-Term Memory (STM) instantly. These interactions can include everything from user messages, assistant responses, to tool actions.
To write to long-term memory, you need to configure extraction strategies which define how and where to store information from conversations for future use. These strategies are asynchronously processed from raw events after every few turns based on the strategy that was selected. You can't create long term memory records directly, as they are extracted asynchronously by AgentCore Memory.
Memory Properties
| Name | Type | Required | Description |
|------|------|----------|-------------|
| memoryName | string | No | The name of the memory. If not provided, a unique name will be auto-generated |
| expirationDuration | Duration | No | Short-term memory expiration in days (between 7 and 365). Default: 90 days |
| description | string | No | Optional description for the memory. Default: no description. |
| kmsKey | IKey | No | Custom KMS key to use for encryption. Default: Your data is encrypted with a key that AWS owns and manages for you |
| memoryStrategies | MemoryStrategyBase[] | No | Built-in extraction strategies to use for this memory. Default: No extraction strategies (short term memory only) |
| executionRole | iam.IRole | No | The IAM role that provides permissions for the memory to access AWS services. Default: A new role will be created. |
| tags | { [key: string]: string } | No | Tags for memory. Default: no tags. |
Basic Memory Creation
Below you can find how to configure a simple short-term memory (STM) with no long-term memory extraction strategies.
Note how you set expirationDuration, which defines the time the events will be stored in the short-term memory before they expire.
// Create a basic memory with default settings, no LTM strategies
Memory memory = Memory.Builder.create(this, "MyMemory")
.memoryName("my_memory")
.description("A memory for storing user interactions for a period of 90 days")
.expirationDuration(Duration.days(90))
.build();
Basic Memory with Custom KMS Encryption
// Create a custom KMS key for encryption
Key encryptionKey = Key.Builder.create(this, "MemoryEncryptionKey")
.enableKeyRotation(true)
.description("KMS key for memory encryption")
.build();
// Create memory with custom encryption
Memory memory = Memory.Builder.create(this, "MyMemory")
.memoryName("my_encrypted_memory")
.description("Memory with custom KMS encryption")
.expirationDuration(Duration.days(90))
.kmsKey(encryptionKey)
.build();
LTM Memory Extraction Stategies
If you need long-term memory for context recall across sessions, you can setup memory extraction strategies to extract the relevant memory from the raw events.
Amazon Bedrock AgentCore Memory has different memory strategies for extracting and organizing information:
- Summarization: to summarize interactions to preserve critical context and key insights.
- Semantic Memory: to extract general factual knowledge, concepts and meanings from raw conversations using vector embeddings. This enables similarity-based retrieval of relevant facts and context.
- User Preferences: to extract user behavior patterns from raw conversations.
You can use built-in extraction strategies for quick setup, or create custom extraction strategies with specific models and prompt templates.
Memory with Built-in Strategies
The library provides four built-in LTM strategies. These are default strategies for organizing and extracting memory data, each optimized for specific use cases.
For example: An agent helps multiple users with cloud storage setup. From these conversations, see how each strategy processes users expressing confusion about account connection:
- Summarization Strategy (
MemoryStrategy.usingBuiltInSummarization()) This strategy compresses conversations into concise overviews, preserving essential context and key insights for quick recall. Extracted memory example: Users confused by cloud setup during onboarding.- Extracts concise summaries to preserve critical context and key insights
- Namespace:
/strategies/{memoryStrategyId}/actors/{actorId}/sessions/{sessionId}
- Semantic Memory Strategy (
MemoryStrategy.usingBuiltInSemantic()) Distills general facts, concepts, and underlying meanings from raw conversational data, presenting the information in a context-independent format. Extracted memory example: In-context learning = task-solving via examples, no training needed.- Extracts general factual knowledge, concepts and meanings from raw conversations
- Namespace:
/strategies/{memoryStrategyId}/actors/{actorId}
- User Preference Strategy (
MemoryStrategy.usingBuiltInUserPreference()) Captures individual preferences, interaction patterns, and personalized settings to enhance future experiences. Extracted memory example: User needs clear guidance on cloud storage account connection during onboarding.- Extracts user behavior patterns from raw conversations
- Namespace:
/strategies/{memoryStrategyId}/actors/{actorId}
- Episodic Memory Strategy (
MemoryStrategy.usingBuiltInEpisodic()) Captures meaningful slices of user and system interactions, preserve them into compact records after summarizing. Extracted memory example: User first asked about pricing on Monday, then requested feature comparison on Tuesday, finally made purchase decision on Wednesday.- Captures event sequences and temporal relationships
- Namespace:
/strategy/{memoryStrategyId}/actor/{actorId}/session/{sessionId} - Reflections:
/strategy/{memoryStrategyId}/actor/{actorId}
// Create memory with built-in strategies
Memory memory = Memory.Builder.create(this, "MyMemory")
.memoryName("my_memory")
.description("Memory with built-in strategies")
.expirationDuration(Duration.days(90))
.memoryStrategies(List.of(MemoryStrategy.usingBuiltInSummarization(), MemoryStrategy.usingBuiltInSemantic(), MemoryStrategy.usingBuiltInUserPreference(), MemoryStrategy.usingBuiltInEpisodic()))
.build();
The name generated for each built in memory strategy is as follows:
- For Summarization:
summary_builtin_cdk001 - For Semantic:
semantic_builtin_cdk001> - For User Preferences:
preference_builtin_cdk001 - For Episodic :
episodic_builtin_cdkGen0001
Memory with custom Strategies
With Long-Term Memory, organization is managed through Namespaces.
An actor refers to entity such as end users or agent/user combinations. For example, in a coding support chatbot,
the actor is usually the developer asking questions. Using the actor ID helps the system know which user the memory belongs to,
keeping each user's data separate and organized.
A session is usually a single conversation or interaction period between the user and the AI agent.
It groups all related messages and events that happen during that conversation.
A namespace is used to logically group and organize long-term memories. It ensures data stays neat, separate, and secure.
With AgentCore Memory, you need to add a namespace when you define a memory strategy. This namespace helps define where the long-term memory will be logically grouped. Every time a new long-term memory is extracted using this memory strategy, it is saved under the namespace you set. This means that all long-term memories are scoped to their specific namespace, keeping them organized and preventing any mix-ups with other users or sessions. You should use a hierarchical format separated by forward slashes /. This helps keep memories organized clearly. As needed, you can choose to use the below pre-defined variables within braces in the namespace based on your applications' organization needs:
actorId– Identifies who the long-term memory belongs to, such as a usermemoryStrategyId– Shows which memory strategy is being used. This strategy identifier is auto-generated when you create a memory using CreateMemory operation.sessionId– Identifies which session or conversation the memory is from.
For example, if you define the following namespace as the input to your strategy in CreateMemory operation:
/strategy/{memoryStrategyId}/actor/{actorId}/session/{sessionId}
After memory creation, this namespace might look like:
/strategy/summarization-93483043//actor/actor-9830m2w3/session/session-9330sds8
You can customise the namespace, i.e. where the memories are stored by using the following methods:
- Summarization Strategy (
MemoryStrategy.usingSummarization(props)) - Semantic Memory Strategy (
MemoryStrategy.usingSemantic(props)) - User Preference Strategy (
MemoryStrategy.usingUserPreference(props)) - Episodic Memory Strategy (
MemoryStrategy.usingEpisodic(props))
// Create memory with custom strategies
Memory memory = Memory.Builder.create(this, "MyMemory")
.memoryName("my_memory")
.description("Memory with custom strategies")
.expirationDuration(Duration.days(90))
.memoryStrategies(List.of(MemoryStrategy.usingUserPreference(ManagedStrategyProps.builder()
.strategyName("CustomerPreferences")
.namespaces(List.of("support/customer/{actorId}/preferences"))
.build()), MemoryStrategy.usingSemantic(ManagedStrategyProps.builder()
.strategyName("CustomerSupportSemantic")
.namespaces(List.of("support/customer/{actorId}/semantic"))
.build()), MemoryStrategy.usingEpisodic(ManagedStrategyProps.builder()
.strategyName("customerJourneyEpisodic")
.namespaces(List.of("/journey/customer/{actorId}/episodes"))
.reflectionConfiguration(EpisodicReflectionConfiguration.builder()
.namespaces(List.of("/journey/customer/{actorId}/reflections"))
.build())
.build())))
.build();
Custom memory strategies let you tailor memory extraction and consolidation to your specific domain or use case. You can override the prompts for extracting and consolidating semantic, summary, or user preferences. You can also choose the model that you want to use for extraction and consolidation.
The custom prompts you create are appended to a non-editable system prompt.
Since a custom strategy requires you to invoke certain FMs, you need a role with appropriate permissions. For that, you can:
- Let the L2 construct create a minimum permission role for you when use L2 Bedrock Foundation Models.
- Use a custom role with the overly permissive
AmazonBedrockAgentCoreMemoryBedrockModelInferenceExecutionRolePolicymanaged policy. - Use a custom role with your own custom policies.
Memory with Custom Execution Role
Keep in mind that memories that do not use custom strategies do not require a service role. So even if you provide it, it will be ignored as it will never be used.
// Create a custom execution role
Role executionRole = Role.Builder.create(this, "MemoryExecutionRole")
.assumedBy(new ServicePrincipal("bedrock-agentcore.amazonaws.com"))
.managedPolicies(List.of(ManagedPolicy.fromAwsManagedPolicyName("AmazonBedrockAgentCoreMemoryBedrockModelInferenceExecutionRolePolicy")))
.build();
// Create memory with custom execution role
Memory memory = Memory.Builder.create(this, "MyMemory")
.memoryName("my_memory")
.description("Memory with custom execution role")
.expirationDuration(Duration.days(90))
.executionRole(executionRole)
.build();
In customConsolidation and customExtraction, the model property uses IModel from aws-cdk-lib/aws-bedrock.
// Create a custom semantic memory strategy
ManagedMemoryStrategy customSemanticStrategy = MemoryStrategy.usingSemantic(ManagedStrategyProps.builder()
.strategyName("customSemanticStrategy")
.description("Custom semantic memory strategy")
.namespaces(List.of("/custom/strategies/{memoryStrategyId}/actors/{actorId}"))
.customConsolidation(OverrideConfig.builder()
.model(FoundationModel.fromFoundationModelId(this, "ConsolidationModel", FoundationModelIdentifier.ANTHROPIC_CLAUDE_3_5_SONNET_20241022_V2_0))
.appendToPrompt("Custom consolidation prompt for semantic memory")
.build())
.customExtraction(OverrideConfig.builder()
.model(FoundationModel.fromFoundationModelId(this, "ExtractionModel", FoundationModelIdentifier.ANTHROPIC_CLAUDE_3_5_SONNET_20241022_V2_0))
.appendToPrompt("Custom extraction prompt for semantic memory")
.build())
.build());
// Create memory with custom strategy
Memory memory = Memory.Builder.create(this, "MyMemory")
.memoryName("my-custom-memory")
.description("Memory with custom strategy")
.expirationDuration(Duration.days(90))
.memoryStrategies(List.of(customSemanticStrategy))
.build();
Memory with self-managed Strategies
A self-managed strategy in Amazon Bedrock AgentCore Memory gives you complete control over your memory extraction and consolidation pipelines. With a self-managed strategy, you can build custom memory processing workflows while leveraging Amazon Bedrock AgentCore for storage and retrieval.
For additional information, you can refer to the developer guide for self managed strategies.
Create the required AWS resources including:
- an S3 bucket in your account where Amazon Bedrock AgentCore will deliver batched event payloads.
- an SNS topic for job notifications. Use FIFO topics if processing order within sessions is important for your use case.
The construct will apply the correct permissions to the memory execution role to access these resources.
Bucket bucket = Bucket.Builder.create(this, "memoryBucket")
.bucketName("test-memory")
.removalPolicy(RemovalPolicy.DESTROY)
.autoDeleteObjects(true)
.build();
Topic topic = new Topic(this, "topic");
// Create a custom semantic memory strategy
SelfManagedMemoryStrategy selfManagedStrategy = MemoryStrategy.usingSelfManaged(SelfManagedStrategyProps.builder()
.strategyName("selfManagedStrategy")
.description("self managed memory strategy")
.historicalContextWindowSize(5)
.invocationConfiguration(InvocationConfiguration.builder()
.topic(topic)
.s3Location(Location.builder()
.bucketName(bucket.getBucketName())
.objectKey("memory/")
.build())
.build())
.triggerConditions(TriggerConditions.builder()
.messageBasedTrigger(1)
.timeBasedTrigger(Duration.seconds(10))
.tokenBasedTrigger(100)
.build())
.build());
// Create memory with custom strategy
Memory memory = Memory.Builder.create(this, "MyMemory")
.memoryName("my-custom-memory")
.description("Memory with custom strategy")
.expirationDuration(Duration.days(90))
.memoryStrategies(List.of(selfManagedStrategy))
.build();
Memory Strategy Methods
You can add new memory strategies to the memory construct using the addMemoryStrategy() method, for instance:
// Create memory without initial strategies
Memory memory = Memory.Builder.create(this, "test-memory")
.memoryName("test_memory_add_strategy")
.description("A test memory for testing addMemoryStrategy method")
.expirationDuration(Duration.days(90))
.build();
// Add strategies after instantiation
memory.addMemoryStrategy(MemoryStrategy.usingBuiltInSummarization());
memory.addMemoryStrategy(MemoryStrategy.usingBuiltInSemantic());
Online Evaluation
The Online Evaluation construct enables continuous monitoring and assessment of your agent's performance using live traffic. It automatically samples agent traces from CloudWatch Logs or Agent Endpoints and applies built-in evaluators to assess quality metrics like helpfulness, correctness, and safety.
Prerequisites
Before creating an OnlineEvaluationConfig, ensure the following are configured in your account:
- CloudWatch Transaction Search enabled — this creates the
aws/spanslog group required by the evaluation service. See Enable Transaction Search. - AWS Distro for OpenTelemetry (ADOT) SDK instrumenting your agent to emit traces.
For full details, see AgentCore Evaluations Prerequisites.
Online Evaluation Properties
| Name | Type | Required | Description |
|------|------|----------|-------------|
| onlineEvaluationConfigName | string | Yes | The name of the online evaluation configuration. Must start with a letter and can contain a-z, A-Z, 0-9, _ (underscore). Maximum 48 characters |
| evaluators | EvaluatorSelector[] | Yes | The list of built-in evaluators to apply during evaluation. Minimum 1, maximum 10 |
| dataSource | DataSourceConfig | Yes | The data source configuration specifying where to read agent traces from |
| executionRole | iam.IRole | No | The IAM role for evaluation. If not provided, a role will be created automatically |
| description | string | No | Description of the evaluation configuration. Maximum 200 characters |
| samplingPercentage | number | No | Percentage of traces to sample (0.01-100). Default: 10 |
| filters | FilterConfig[] | No | Filters to determine which traces to evaluate. Use FilterValue.string(), FilterValue.number(), or FilterValue.boolean() for typed filter values. Maximum 5 |
| sessionTimeout | Duration | No | Duration of inactivity before a session is considered complete (1-1440 minutes). Default: Duration.minutes(15) |
| tags | { [key: string]: string } | No | Tags for the evaluation configuration |
Basic Online Evaluation Creation
Create an online evaluation configuration with built-in evaluators:
OnlineEvaluationConfig evaluation = OnlineEvaluationConfig.Builder.create(this, "MyEvaluation")
.onlineEvaluationConfigName("my_evaluation")
.evaluators(List.of(EvaluatorSelector.builtin(BuiltinEvaluator.HELPFULNESS), EvaluatorSelector.builtin(BuiltinEvaluator.CORRECTNESS)))
.dataSource(DataSourceConfig.fromCloudWatchLogs(CloudWatchLogsDataSourceConfig.builder()
.logGroupNames(List.of("/aws/bedrock-agentcore/my-agent"))
.serviceNames(List.of("my-agent.default"))
.build()))
.build();
Built-in Evaluators
Amazon Bedrock AgentCore provides 13 built-in evaluators that assess different aspects of agent performance:
Session-Level Evaluators:
GOAL_SUCCESS_RATE- Evaluates whether the conversation successfully meets the user's goals
Trace-Level Evaluators:
HELPFULNESS- How useful and valuable the agent's response isCORRECTNESS- Whether the information is factually accurateFAITHFULNESS- Whether the response is faithful to the provided contextHARMFULNESS- Whether the response contains harmful contentSTEREOTYPING- Detects content that makes generalizations about individuals or groupsREFUSAL- Whether the agent appropriately refuses harmful requestsCOHERENCE- Whether the response is logically coherentRESPONSE_RELEVANCE- Whether the response appropriately addresses the user's queryCONCISENESS- Whether the response is appropriately conciseINSTRUCTION_FOLLOWING- How well the agent follows system instructions
Tool Call-Level Evaluators:
TOOL_SELECTION_ACCURACY- Whether the agent selected the appropriate toolTOOL_PARAMETER_ACCURACY- How accurately the agent extracts parameters from user queries
OnlineEvaluationConfig evaluation = OnlineEvaluationConfig.Builder.create(this, "ComprehensiveEval")
.onlineEvaluationConfigName("comprehensive_evaluation")
.evaluators(List.of(EvaluatorSelector.builtin(BuiltinEvaluator.GOAL_SUCCESS_RATE), EvaluatorSelector.builtin(BuiltinEvaluator.HELPFULNESS), EvaluatorSelector.builtin(BuiltinEvaluator.CORRECTNESS), EvaluatorSelector.builtin(BuiltinEvaluator.COHERENCE), EvaluatorSelector.builtin(BuiltinEvaluator.HARMFULNESS), EvaluatorSelector.builtin(BuiltinEvaluator.STEREOTYPING), EvaluatorSelector.builtin(BuiltinEvaluator.TOOL_SELECTION_ACCURACY)))
.dataSource(DataSourceConfig.fromCloudWatchLogs(CloudWatchLogsDataSourceConfig.builder()
.logGroupNames(List.of("/aws/bedrock-agentcore/my-agent"))
.serviceNames(List.of("my-agent.default"))
.build()))
.build();
Custom Evaluators
Custom evaluators let you define evaluation logic tailored to your specific use cases. You can create custom evaluators using two strategies:
- LLM-as-a-Judge: Uses a foundation model with custom instructions and a rating scale to assess agent performance.
- Code-based: Uses a Lambda function for custom evaluation logic.
| Property | Type | Required | Description |
|---|---|---|---|
| evaluatorName | string | Yes | Name of the evaluator. Must start with a letter, a-z, A-Z, 0-9, _ only. Maximum 48 characters |
| evaluatorConfig | EvaluatorConfig | Yes | Configuration defining how the evaluator assesses performance |
| level | EvaluationLevel | Yes | The level at which the evaluator operates: TOOL_CALL, TRACE, or SESSION |
| description | string | No | Description of the evaluator. Maximum 200 characters |
| tags | { [key: string]: string } | No | Tags for the evaluator. A list of key:value pairs to apply to this Evaluator resource |
LLM-as-a-Judge Evaluator
Create a custom evaluator that uses a foundation model to assess agent performance:
// LLM-as-a-Judge with categorical rating scale
Evaluator categoricalEvaluator = Evaluator.Builder.create(this, "CategoricalEvaluator")
.evaluatorName("domain_accuracy_evaluator")
.level(EvaluationLevel.SESSION)
.description("Evaluates domain-specific accuracy of agent responses")
.evaluatorConfig(EvaluatorConfig.llmAsAJudge(LlmAsAJudgeOptions.builder()
.instructions("Evaluate whether the agent response is accurate within the healthcare domain.")
.modelId("us.anthropic.claude-sonnet-4-6")
.ratingScale(EvaluatorRatingScale.categorical(List.of(CategoricalRatingOption.builder().label("Accurate").definition("The response contains factually correct healthcare information.").build(), CategoricalRatingOption.builder().label("Inaccurate").definition("The response contains incorrect or misleading healthcare information.").build())))
.build()))
.build();
// LLM-as-a-Judge with numerical rating scale and inference config
Evaluator numericalEvaluator = Evaluator.Builder.create(this, "NumericalEvaluator")
.evaluatorName("response_quality_evaluator")
.level(EvaluationLevel.TRACE)
.evaluatorConfig(EvaluatorConfig.llmAsAJudge(LlmAsAJudgeOptions.builder()
.instructions("Rate the overall quality of the agent response on a scale of 1 to 5.")
.modelId("us.anthropic.claude-sonnet-4-6")
.ratingScale(EvaluatorRatingScale.numerical(List.of(NumericalRatingOption.builder().label("Poor").definition("Inadequate response.").value(1).build(), NumericalRatingOption.builder().label("Below Average").definition("Partially addresses the query.").value(2).build(), NumericalRatingOption.builder().label("Average").definition("Adequately addresses the query.").value(3).build(), NumericalRatingOption.builder().label("Good").definition("Well-structured and accurate response.").value(4).build(), NumericalRatingOption.builder().label("Excellent").definition("Outstanding response exceeding expectations.").value(5).build())))
.inferenceConfig(EvaluatorInferenceConfig.builder()
.maxTokens(1024)
.temperature(0.1)
.build())
.build()))
.build();
The modelId accepts standard Bedrock model IDs and cross-region inference profile IDs with region prefixes (e.g., us., eu., global.).
Instructions placeholders: Instructions must contain placeholders appropriate for the evaluation level (e.g.,
{context},{available_tools}for SESSION level). Evaluators using reference-input placeholders (e.g.,{expected_tool_trajectory},{assertions}) are only compatible with on-demand evaluation, not online evaluation. See the custom evaluators documentation for allowed placeholders per level.
Code-Based Evaluator
Create a custom evaluator that uses a Lambda function for evaluation logic:
IFunction evalFunction;
Evaluator codeEvaluator = Evaluator.Builder.create(this, "CodeEvaluator")
.evaluatorName("custom_code_evaluator")
.level(EvaluationLevel.TOOL_CALL)
.description("Evaluates tool call accuracy using custom logic")
.evaluatorConfig(EvaluatorConfig.codeBased(CodeBasedOptions.builder()
.lambdaFunction(evalFunction)
.timeout(Duration.seconds(30))
.build()))
.build();
For code-based evaluators, the construct automatically grants the bedrock-agentcore.amazonaws.com service principal permission to invoke the Lambda function, scoped to the specific evaluator resource with aws:SourceAccount and aws:SourceArn conditions for confused deputy prevention.
Using Custom Evaluators with Online Evaluation
Custom evaluators are used in OnlineEvaluationConfig via EvaluatorSelector.custom(), alongside built-in evaluators:
Evaluator customEvaluator;
OnlineEvaluationConfig evaluation = OnlineEvaluationConfig.Builder.create(this, "MixedEvaluation")
.onlineEvaluationConfigName("mixed_evaluation")
.evaluators(List.of(EvaluatorSelector.builtin(BuiltinEvaluator.HELPFULNESS), EvaluatorSelector.builtin(BuiltinEvaluator.CORRECTNESS), EvaluatorSelector.custom(customEvaluator)))
.dataSource(DataSourceConfig.fromCloudWatchLogs(CloudWatchLogsDataSourceConfig.builder()
.logGroupNames(List.of("/aws/bedrock-agentcore/my-agent"))
.serviceNames(List.of("my-agent.default"))
.build()))
.build();
Data Source Configuration
Online evaluation supports two types of data sources:
AgentCore Runtime Data Source (Recommended):
For runtimes created within your CDK app, use fromAgentRuntimeEndpoint() which automatically derives the CloudWatch log group and service name:
Repository repository = Repository.Builder.create(this, "TestRepository")
.repositoryName("test-agent-runtime")
.build();
Runtime runtime = Runtime.Builder.create(this, "MyRuntime")
.runtimeName("my_agent")
.agentRuntimeArtifact(AgentRuntimeArtifact.fromEcrRepository(repository, "v1.0.0"))
.build();
// Using default endpoint (simplest)
OnlineEvaluationConfig evaluation = OnlineEvaluationConfig.Builder.create(this, "RuntimeEval")
.onlineEvaluationConfigName("runtime_evaluation")
.evaluators(List.of(EvaluatorSelector.builtin(BuiltinEvaluator.HELPFULNESS)))
.dataSource(DataSourceConfig.fromAgentRuntimeEndpoint(runtime))
.build();
You can also specify a specific endpoint:
Runtime runtime;
// Using a specific endpoint construct
RuntimeEndpoint prodEndpoint = runtime.addEndpoint("PROD");
OnlineEvaluationConfig evaluation = OnlineEvaluationConfig.Builder.create(this, "ProdEval")
.onlineEvaluationConfigName("prod_evaluation")
.evaluators(List.of(EvaluatorSelector.builtin(BuiltinEvaluator.CORRECTNESS)))
.dataSource(DataSourceConfig.fromAgentRuntimeEndpoint(runtime, prodEndpoint))
.build();
// Or using endpoint name as string
OnlineEvaluationConfig stagingEval = OnlineEvaluationConfig.Builder.create(this, "StagingEval")
.onlineEvaluationConfigName("staging_evaluation")
.evaluators(List.of(EvaluatorSelector.builtin(BuiltinEvaluator.CORRECTNESS)))
.dataSource(DataSourceConfig.fromAgentRuntimeEndpointName(runtime, "STAGING"))
.build();
CloudWatch Logs Data Source:
For external agents or when you need to specify log groups directly:
OnlineEvaluationConfig evaluation = OnlineEvaluationConfig.Builder.create(this, "CloudWatchEval")
.onlineEvaluationConfigName("cloudwatch_evaluation")
.evaluators(List.of(EvaluatorSelector.builtin(BuiltinEvaluator.HELPFULNESS)))
.dataSource(DataSourceConfig.fromCloudWatchLogs(CloudWatchLogsDataSourceConfig.builder()
.logGroupNames(List.of("/aws/bedrock-agentcore/agent1", "/aws/bedrock-agentcore/agent2"))
.serviceNames(List.of("agent1.default"))
.build()))
.build();
Sampling and Filtering
Configure sampling percentage and filters to control which traces are evaluated:
OnlineEvaluationConfig evaluation = OnlineEvaluationConfig.Builder.create(this, "FilteredEval")
.onlineEvaluationConfigName("filtered_evaluation")
.evaluators(List.of(EvaluatorSelector.builtin(BuiltinEvaluator.HELPFULNESS)))
.dataSource(DataSourceConfig.fromCloudWatchLogs(CloudWatchLogsDataSourceConfig.builder()
.logGroupNames(List.of("/aws/bedrock-agentcore/my-agent"))
.serviceNames(List.of("my-agent.default"))
.build()))
// Sample 25% of traces
.samplingPercentage(25)
// Only evaluate traces matching these filters
.filters(List.of(FilterConfig.builder()
.key("user.region")
.operator(FilterOperator.EQUAL)
.value(FilterValue.string("us-east-1"))
.build(), FilterConfig.builder()
.key("session.duration")
.operator(FilterOperator.GREATER_THAN)
.value(FilterValue.number(60))
.build()))
// Consider sessions complete after 30 minutes of inactivity
.sessionTimeout(Duration.minutes(30))
.build();
Online Evaluation with Custom Execution Role
Provide a custom IAM role for the evaluation execution:
Role executionRole = Role.Builder.create(this, "EvaluationRole")
.assumedBy(new ServicePrincipal("bedrock-agentcore.amazonaws.com"))
.description("Custom role for online evaluation")
.build();
// Add required permissions
executionRole.addToPolicy(PolicyStatement.Builder.create()
.actions(List.of("logs:DescribeLogGroups", "logs:GetQueryResults", "logs:StartQuery"))
.resources(List.of("arn:aws:logs:*:*:log-group:/aws/bedrock-agentcore/*"))
.build());
OnlineEvaluationConfig evaluation = OnlineEvaluationConfig.Builder.create(this, "CustomRoleEval")
.onlineEvaluationConfigName("custom_role_evaluation")
.evaluators(List.of(EvaluatorSelector.builtin(BuiltinEvaluator.HELPFULNESS)))
.dataSource(DataSourceConfig.fromCloudWatchLogs(CloudWatchLogsDataSourceConfig.builder()
.logGroupNames(List.of("/aws/bedrock-agentcore/my-agent"))
.serviceNames(List.of("my-agent.default"))
.build()))
.executionRole(executionRole)
.build();
Online Evaluation IAM Permissions
Grant IAM permissions to manage or read evaluation configurations:
OnlineEvaluationConfig evaluation; IRole role; // Grant specific permissions evaluation.grant(role, "bedrock-agentcore:GetOnlineEvaluationConfig", "bedrock-agentcore:UpdateOnlineEvaluationConfig");
-
ClassDescriptionOptions for adding an API Gateway target to a gateway.A builder for
AddApiGatewayTargetOptionsAn implementation forAddApiGatewayTargetOptionsOptions for adding an endpoint to the runtime.A builder forAddEndpointOptionsAn implementation forAddEndpointOptionsOptions for adding a Lambda target to a gateway.A builder forAddLambdaTargetOptionsAn implementation forAddLambdaTargetOptionsOptions for adding an MCP Server target to a gateway.A builder forAddMcpServerTargetOptionsAn implementation forAddMcpServerTargetOptionsOptions for adding an OpenAPI target to a gateway.A builder forAddOpenApiTargetOptionsAn implementation forAddOpenApiTargetOptionsOptions for adding a Smithy target to a gateway.A builder forAddSmithyTargetOptionsAn implementation forAddSmithyTargetOptionsBedrock AgentCore runtime environment for code execution Allowed values: PYTHON_3_10 | PYTHON_3_11 | PYTHON_3_12 | PYTHON_3_13 | PYTHON_3_14 | NODE_22.Abstract base class for agent runtime artifacts.Attributes for importing an existing Agent Runtime.A builder forAgentRuntimeAttributesAn implementation forAgentRuntimeAttributesHTTP methods supported by API Gateway.Configuration for API Gateway-based MCP targets.A fluent builder forApiGatewayTargetConfiguration.Properties for creating an API Gateway target configuration.A builder forApiGatewayTargetConfigurationPropsAn implementation forApiGatewayTargetConfigurationPropsConfiguration for API Gateway tools.A builder forApiGatewayToolConfigurationAn implementation forApiGatewayToolConfigurationConfiguration for filtering API Gateway tools.A builder forApiGatewayToolFilterAn implementation forApiGatewayToolFilterConfiguration for overriding API Gateway tool metadata.A builder forApiGatewayToolOverrideAn implementation forApiGatewayToolOverrideAPI Key additional configuration.A builder forApiKeyAdditionalConfigurationAn implementation forApiKeyAdditionalConfigurationAPI Key location within the request.L2 construct forAWS::BedrockAgentCore::ApiKeyCredentialProvider.A fluent builder forApiKeyCredentialProvider.Attributes for importing an existing API key credential provider.A builder forApiKeyCredentialProviderAttributesAn implementation forApiKeyCredentialProviderAttributesIAM actions for AgentCore API key credential providers (Token Vault).API key credential provider ARNs for gateway outbound auth (Token Vault identity).A builder forApiKeyCredentialProviderOptionsAn implementation forApiKeyCredentialProviderOptionsProperties for a newApiKeyCredentialProvider(Token Vault resource).A builder forApiKeyCredentialProviderPropsAn implementation forApiKeyCredentialProviderPropsRepresents the concept of an API Schema for a Gateway Target.API Schema from a local asset.A fluent builder forAssetApiSchema.Tool Schema from a local asset.A fluent builder forAssetToolSchema.Props for.invalid reference
OAuth2CredentialProvider.usingAtlassianA builder forAtlassianOAuth2CredentialProviderPropsAn implementation forAtlassianOAuth2CredentialProviderPropsBrowser resource for AWS Bedrock Agent Core.A fluent builder forBrowserCustom.Attributes for specifying an imported Browser Custom.A builder forBrowserCustomAttributesAn implementation forBrowserCustomAttributesAbstract base class for a Browser.Properties for creating a Browser resource.A builder forBrowserCustomPropsAn implementation forBrowserCustomPropsNetwork configuration for the Browser tool.Browser signing.Built-in evaluators provided by Amazon Bedrock AgentCore.A categorical rating scale option for custom evaluators.A builder forCategoricalRatingOptionAn implementation forCategoricalRatingOptionResource Type definition for AWS::BedrockAgentCore::ApiKeyCredentialProvider.Contains information about the API key secret in AWS Secrets Manager.A builder forCfnApiKeyCredentialProvider.ApiKeySecretArnPropertyAn implementation forCfnApiKeyCredentialProvider.ApiKeySecretArnPropertyA fluent builder forCfnApiKeyCredentialProvider.Properties for defining aCfnApiKeyCredentialProvider.A builder forCfnApiKeyCredentialProviderPropsAn implementation forCfnApiKeyCredentialProviderPropsAgentCore Browser tool provides a fast, secure, cloud-based browser runtime to enable AI agents to interact with websites at scale.Browser enterprise policy configuration.A builder forCfnBrowserCustom.BrowserEnterprisePolicyPropertyAn implementation forCfnBrowserCustom.BrowserEnterprisePolicyPropertyThe network configuration.A builder forCfnBrowserCustom.BrowserNetworkConfigurationPropertyAn implementation forCfnBrowserCustom.BrowserNetworkConfigurationPropertyBrowser signing configuration.A builder forCfnBrowserCustom.BrowserSigningPropertyAn implementation forCfnBrowserCustom.BrowserSigningPropertyA fluent builder forCfnBrowserCustom.Certificate location in Secrets Manager.A builder forCfnBrowserCustom.CertificateLocationPropertyAn implementation forCfnBrowserCustom.CertificateLocationPropertyA root CA certificate configuration.A builder forCfnBrowserCustom.CertificatePropertyAn implementation forCfnBrowserCustom.CertificatePropertyThe recording configuration.A builder forCfnBrowserCustom.RecordingConfigPropertyAn implementation forCfnBrowserCustom.RecordingConfigPropertyThe S3 location.A builder forCfnBrowserCustom.S3LocationPropertyAn implementation forCfnBrowserCustom.S3LocationPropertyNetwork mode configuration for VPC.A builder forCfnBrowserCustom.VpcConfigPropertyAn implementation forCfnBrowserCustom.VpcConfigPropertyProperties for defining aCfnBrowserCustom.A builder forCfnBrowserCustomPropsAn implementation forCfnBrowserCustomPropsResource definition for AWS::BedrockAgentCore::BrowserProfile.A fluent builder forCfnBrowserProfile.Properties for defining aCfnBrowserProfile.A builder forCfnBrowserProfilePropsAn implementation forCfnBrowserProfilePropsThe AgentCore Code Interpreter tool enables agents to securely execute code in isolated sandbox environments.A fluent builder forCfnCodeInterpreterCustom.Certificate location in Secrets Manager.A builder forCfnCodeInterpreterCustom.CertificateLocationPropertyAn implementation forCfnCodeInterpreterCustom.CertificateLocationPropertyA root CA certificate configuration.A builder forCfnCodeInterpreterCustom.CertificatePropertyAn implementation forCfnCodeInterpreterCustom.CertificatePropertyThe network configuration.An implementation forCfnCodeInterpreterCustom.CodeInterpreterNetworkConfigurationPropertyNetwork mode configuration for VPC.A builder forCfnCodeInterpreterCustom.VpcConfigPropertyAn implementation forCfnCodeInterpreterCustom.VpcConfigPropertyProperties for defining aCfnCodeInterpreterCustom.A builder forCfnCodeInterpreterCustomPropsAn implementation forCfnCodeInterpreterCustomPropsResource Type definition for AWS::BedrockAgentCore::Evaluator - Creates a custom evaluator for agent quality assessment using LLM-as-a-Judge configurations.The configuration for using Amazon Bedrock models in evaluator assessments.A builder forCfnEvaluator.BedrockEvaluatorModelConfigPropertyAn implementation forCfnEvaluator.BedrockEvaluatorModelConfigPropertyA fluent builder forCfnEvaluator.A categorical rating scale option.A builder forCfnEvaluator.CategoricalScaleDefinitionPropertyAn implementation forCfnEvaluator.CategoricalScaleDefinitionPropertyThe configuration for code-based evaluation using a Lambda function.A builder forCfnEvaluator.CodeBasedEvaluatorConfigPropertyAn implementation forCfnEvaluator.CodeBasedEvaluatorConfigPropertyThe configuration that defines how an evaluator assesses agent performance.A builder forCfnEvaluator.EvaluatorConfigPropertyAn implementation forCfnEvaluator.EvaluatorConfigPropertyThe model configuration that specifies which foundation model to use for evaluation.A builder forCfnEvaluator.EvaluatorModelConfigPropertyAn implementation forCfnEvaluator.EvaluatorModelConfigPropertyThe inference configuration parameters that control model behavior during evaluation.A builder forCfnEvaluator.InferenceConfigurationPropertyAn implementation forCfnEvaluator.InferenceConfigurationPropertyThe Lambda function configuration for code-based evaluation.A builder forCfnEvaluator.LambdaEvaluatorConfigPropertyAn implementation forCfnEvaluator.LambdaEvaluatorConfigPropertyThe configuration for LLM-as-a-Judge evaluation.A builder forCfnEvaluator.LlmAsAJudgeEvaluatorConfigPropertyAn implementation forCfnEvaluator.LlmAsAJudgeEvaluatorConfigPropertyA numerical rating scale option.A builder forCfnEvaluator.NumericalScaleDefinitionPropertyAn implementation forCfnEvaluator.NumericalScaleDefinitionPropertyThe rating scale that defines how evaluators should score agent performance.A builder forCfnEvaluator.RatingScalePropertyAn implementation forCfnEvaluator.RatingScalePropertyProperties for defining aCfnEvaluator.A builder forCfnEvaluatorPropsAn implementation forCfnEvaluatorPropsAmazon Bedrock AgentCore Gateway provides a unified connectivity layer between agents and the tools and resources they need to interact with.Example:A builder forCfnGateway.AuthorizerConfigurationPropertyAn implementation forCfnGateway.AuthorizerConfigurationPropertyThe value or values in the custom claim to match and relationship of match.A builder forCfnGateway.AuthorizingClaimMatchValueTypePropertyAn implementation forCfnGateway.AuthorizingClaimMatchValueTypePropertyA fluent builder forCfnGateway.The value or values in the custom claim to match for.A builder forCfnGateway.ClaimMatchValueTypePropertyAn implementation forCfnGateway.ClaimMatchValueTypePropertyRequired custom claim.A builder forCfnGateway.CustomClaimValidationTypePropertyAn implementation forCfnGateway.CustomClaimValidationTypePropertyExample:A builder forCfnGateway.CustomJWTAuthorizerConfigurationPropertyAn implementation forCfnGateway.CustomJWTAuthorizerConfigurationPropertyExample:A builder forCfnGateway.GatewayInterceptorConfigurationPropertyAn implementation forCfnGateway.GatewayInterceptorConfigurationPropertyThe configuration for a policy engine associated with a gateway.A builder forCfnGateway.GatewayPolicyEngineConfigurationPropertyAn implementation forCfnGateway.GatewayPolicyEngineConfigurationPropertyThe protocol configuration.A builder forCfnGateway.GatewayProtocolConfigurationPropertyAn implementation forCfnGateway.GatewayProtocolConfigurationPropertyExample:A builder forCfnGateway.InterceptorConfigurationPropertyAn implementation forCfnGateway.InterceptorConfigurationPropertyExample:A builder forCfnGateway.InterceptorInputConfigurationPropertyAn implementation forCfnGateway.InterceptorInputConfigurationPropertyExample:A builder forCfnGateway.LambdaInterceptorConfigurationPropertyAn implementation forCfnGateway.LambdaInterceptorConfigurationPropertyThe gateway configuration for MCP.A builder forCfnGateway.MCPGatewayConfigurationPropertyAn implementation forCfnGateway.MCPGatewayConfigurationPropertyThe workload identity details for the gateway.A builder forCfnGateway.WorkloadIdentityDetailsPropertyAn implementation forCfnGateway.WorkloadIdentityDetailsPropertyProperties for defining aCfnGateway.A builder forCfnGatewayPropsAn implementation forCfnGatewayPropsAfter creating a gateway, you can add targets, which define the tools that your gateway will host.Example:A builder forCfnGatewayTarget.ApiGatewayTargetConfigurationPropertyAn implementation forCfnGatewayTarget.ApiGatewayTargetConfigurationPropertyExample:A builder forCfnGatewayTarget.ApiGatewayToolConfigurationPropertyAn implementation forCfnGatewayTarget.ApiGatewayToolConfigurationPropertyExample:A builder forCfnGatewayTarget.ApiGatewayToolFilterPropertyAn implementation forCfnGatewayTarget.ApiGatewayToolFilterPropertyExample:A builder forCfnGatewayTarget.ApiGatewayToolOverridePropertyAn implementation forCfnGatewayTarget.ApiGatewayToolOverridePropertyThe API key credential provider for the gateway target.A builder forCfnGatewayTarget.ApiKeyCredentialProviderPropertyAn implementation forCfnGatewayTarget.ApiKeyCredentialProviderPropertyThe API schema configuration for the gateway target.A builder forCfnGatewayTarget.ApiSchemaConfigurationPropertyAn implementation forCfnGatewayTarget.ApiSchemaConfigurationPropertyA fluent builder forCfnGatewayTarget.The credential provider configuration for the gateway target.A builder forCfnGatewayTarget.CredentialProviderConfigurationPropertyAn implementation forCfnGatewayTarget.CredentialProviderConfigurationPropertyExample:A builder forCfnGatewayTarget.CredentialProviderPropertyAn implementation forCfnGatewayTarget.CredentialProviderPropertyExample:A builder forCfnGatewayTarget.IamCredentialProviderPropertyAn implementation forCfnGatewayTarget.IamCredentialProviderPropertyThe Lambda target configuration.A builder forCfnGatewayTarget.McpLambdaTargetConfigurationPropertyAn implementation forCfnGatewayTarget.McpLambdaTargetConfigurationPropertyExample:A builder forCfnGatewayTarget.McpServerTargetConfigurationPropertyAn implementation forCfnGatewayTarget.McpServerTargetConfigurationPropertyThe MCP target configuration for the gateway target.A builder forCfnGatewayTarget.McpTargetConfigurationPropertyAn implementation forCfnGatewayTarget.McpTargetConfigurationPropertyExample:A builder forCfnGatewayTarget.MetadataConfigurationPropertyAn implementation forCfnGatewayTarget.MetadataConfigurationPropertyThe OAuth credential provider for the gateway target.A builder forCfnGatewayTarget.OAuthCredentialProviderPropertyAn implementation forCfnGatewayTarget.OAuthCredentialProviderPropertyThe S3 configuration for the gateway target.A builder forCfnGatewayTarget.S3ConfigurationPropertyAn implementation forCfnGatewayTarget.S3ConfigurationPropertyThe schema definition for the gateway target.A builder forCfnGatewayTarget.SchemaDefinitionPropertyAn implementation forCfnGatewayTarget.SchemaDefinitionPropertyThe target configuration.A builder forCfnGatewayTarget.TargetConfigurationPropertyAn implementation forCfnGatewayTarget.TargetConfigurationPropertyThe tool definition for the gateway.A builder forCfnGatewayTarget.ToolDefinitionPropertyAn implementation forCfnGatewayTarget.ToolDefinitionPropertyThe tool schema for the gateway target.A builder forCfnGatewayTarget.ToolSchemaPropertyAn implementation forCfnGatewayTarget.ToolSchemaPropertyProperties for defining aCfnGatewayTarget.A builder forCfnGatewayTargetPropsAn implementation forCfnGatewayTargetPropsMemory allows AI agents to maintain both immediate and long-term knowledge, enabling context-aware and personalized interactions.A fluent builder forCfnMemory.Example:A builder forCfnMemory.ContentConfigurationPropertyAn implementation forCfnMemory.ContentConfigurationPropertyThe memory configuration input.A builder forCfnMemory.CustomConfigurationInputPropertyAn implementation forCfnMemory.CustomConfigurationInputPropertyThe memory strategy.A builder forCfnMemory.CustomMemoryStrategyPropertyAn implementation forCfnMemory.CustomMemoryStrategyPropertyExample:A builder forCfnMemory.EpisodicMemoryStrategyPropertyAn implementation forCfnMemory.EpisodicMemoryStrategyPropertyExample:An implementation forCfnMemory.EpisodicOverrideConsolidationConfigurationInputPropertyExample:An implementation forCfnMemory.EpisodicOverrideExtractionConfigurationInputPropertyExample:A builder forCfnMemory.EpisodicOverridePropertyAn implementation forCfnMemory.EpisodicOverridePropertyExample:An implementation forCfnMemory.EpisodicOverrideReflectionConfigurationInputPropertyExample:A builder forCfnMemory.EpisodicReflectionConfigurationInputPropertyAn implementation forCfnMemory.EpisodicReflectionConfigurationInputPropertyExample:A builder forCfnMemory.ExtractionConfigPropertyAn implementation forCfnMemory.ExtractionConfigPropertyExample:A builder forCfnMemory.IndexedKeyPropertyAn implementation forCfnMemory.IndexedKeyPropertyThe memory invocation configuration input.A builder forCfnMemory.InvocationConfigurationInputPropertyAn implementation forCfnMemory.InvocationConfigurationInputPropertyExample:A builder forCfnMemory.KinesisResourcePropertyAn implementation forCfnMemory.KinesisResourcePropertyExample:A builder forCfnMemory.LlmExtractionConfigPropertyAn implementation forCfnMemory.LlmExtractionConfigPropertyExample:A builder forCfnMemory.MemoryRecordSchemaPropertyAn implementation forCfnMemory.MemoryRecordSchemaPropertyThe memory strategy.A builder forCfnMemory.MemoryStrategyPropertyAn implementation forCfnMemory.MemoryStrategyPropertyThe message based trigger input.A builder forCfnMemory.MessageBasedTriggerInputPropertyAn implementation forCfnMemory.MessageBasedTriggerInputPropertyExample:A builder forCfnMemory.MetadataSchemaEntryPropertyAn implementation forCfnMemory.MetadataSchemaEntryPropertyExample:A builder forCfnMemory.NumberValidationPropertyAn implementation forCfnMemory.NumberValidationPropertyThe self managed configuration.A builder forCfnMemory.SelfManagedConfigurationPropertyAn implementation forCfnMemory.SelfManagedConfigurationPropertyThe memory strategy.A builder forCfnMemory.SemanticMemoryStrategyPropertyAn implementation forCfnMemory.SemanticMemoryStrategyPropertyThe memory override configuration.An implementation forCfnMemory.SemanticOverrideConsolidationConfigurationInputPropertyThe memory override configuration.An implementation forCfnMemory.SemanticOverrideExtractionConfigurationInputPropertyThe memory override.A builder forCfnMemory.SemanticOverridePropertyAn implementation forCfnMemory.SemanticOverridePropertyExample:A builder forCfnMemory.StreamDeliveryResourcePropertyAn implementation forCfnMemory.StreamDeliveryResourcePropertyExample:A builder forCfnMemory.StreamDeliveryResourcesPropertyAn implementation forCfnMemory.StreamDeliveryResourcesPropertyExample:A builder forCfnMemory.StringListValidationPropertyAn implementation forCfnMemory.StringListValidationPropertyExample:A builder forCfnMemory.StringValidationPropertyAn implementation forCfnMemory.StringValidationPropertyThe memory strategy.A builder forCfnMemory.SummaryMemoryStrategyPropertyAn implementation forCfnMemory.SummaryMemoryStrategyPropertyThe consolidation configuration.An implementation forCfnMemory.SummaryOverrideConsolidationConfigurationInputPropertyThe memory summary override.A builder forCfnMemory.SummaryOverridePropertyAn implementation forCfnMemory.SummaryOverridePropertyThe memory trigger condition input for the time based trigger.A builder forCfnMemory.TimeBasedTriggerInputPropertyAn implementation forCfnMemory.TimeBasedTriggerInputPropertyThe token based trigger input.A builder forCfnMemory.TokenBasedTriggerInputPropertyAn implementation forCfnMemory.TokenBasedTriggerInputPropertyThe memory trigger condition input.A builder forCfnMemory.TriggerConditionInputPropertyAn implementation forCfnMemory.TriggerConditionInputPropertyThe memory strategy.A builder forCfnMemory.UserPreferenceMemoryStrategyPropertyAn implementation forCfnMemory.UserPreferenceMemoryStrategyPropertyThe configuration input.An implementation forCfnMemory.UserPreferenceOverrideConsolidationConfigurationInputPropertyThe memory override configuration.An implementation forCfnMemory.UserPreferenceOverrideExtractionConfigurationInputPropertyThe memory user preference override.A builder forCfnMemory.UserPreferenceOverridePropertyAn implementation forCfnMemory.UserPreferenceOverridePropertyExample:A builder forCfnMemory.ValidationPropertyAn implementation forCfnMemory.ValidationPropertyProperties for defining aCfnMemory.A builder forCfnMemoryPropsAn implementation forCfnMemoryPropsResource Type definition for AWS::BedrockAgentCore::OAuth2CredentialProvider.Input configuration for an Atlassian OAuth2 provider.An implementation forCfnOAuth2CredentialProvider.AtlassianOauth2ProviderConfigInputPropertyA fluent builder forCfnOAuth2CredentialProvider.Contains information about a secret in AWS Secrets Manager.A builder forCfnOAuth2CredentialProvider.ClientSecretArnPropertyAn implementation forCfnOAuth2CredentialProvider.ClientSecretArnPropertyInput configuration for a custom OAuth2 provider.An implementation forCfnOAuth2CredentialProvider.CustomOauth2ProviderConfigInputPropertyInput configuration for a GitHub OAuth2 provider.An implementation forCfnOAuth2CredentialProvider.GithubOauth2ProviderConfigInputPropertyInput configuration for a Google OAuth2 provider.An implementation forCfnOAuth2CredentialProvider.GoogleOauth2ProviderConfigInputPropertyInput configuration for a supported non-custom OAuth2 provider.An implementation forCfnOAuth2CredentialProvider.IncludedOauth2ProviderConfigInputPropertyInput configuration for a LinkedIn OAuth2 provider.An implementation forCfnOAuth2CredentialProvider.LinkedinOauth2ProviderConfigInputPropertyInput configuration for a Microsoft OAuth2 provider.An implementation forCfnOAuth2CredentialProvider.MicrosoftOauth2ProviderConfigInputPropertyAuthorization server metadata for the OAuth2 provider.An implementation forCfnOAuth2CredentialProvider.Oauth2AuthorizationServerMetadataPropertyDiscovery information for an OAuth2 provider.A builder forCfnOAuth2CredentialProvider.Oauth2DiscoveryPropertyAn implementation forCfnOAuth2CredentialProvider.Oauth2DiscoveryPropertyInput configuration for an OAuth2 provider.An implementation forCfnOAuth2CredentialProvider.Oauth2ProviderConfigInputPropertyOutput configuration for an OAuth2 provider.An implementation forCfnOAuth2CredentialProvider.Oauth2ProviderConfigOutputPropertyConfiguration for on-behalf-of token exchange.An implementation forCfnOAuth2CredentialProvider.OnBehalfOfTokenExchangeConfigPropertyInput configuration for a Salesforce OAuth2 provider.An implementation forCfnOAuth2CredentialProvider.SalesforceOauth2ProviderConfigInputPropertyInput configuration for a Slack OAuth2 provider.An implementation forCfnOAuth2CredentialProvider.SlackOauth2ProviderConfigInputPropertyConfiguration for RFC 8693 Token Exchange.An implementation forCfnOAuth2CredentialProvider.TokenExchangeGrantTypeConfigPropertyProperties for defining aCfnOAuth2CredentialProvider.A builder forCfnOAuth2CredentialProviderPropsAn implementation forCfnOAuth2CredentialProviderPropsResource Type definition for AWS::BedrockAgentCore::OnlineEvaluationConfig - Creates an online evaluation configuration for continuous monitoring of agent performance.A fluent builder forCfnOnlineEvaluationConfig.The configuration for reading agent traces from CloudWatch logs.An implementation forCfnOnlineEvaluationConfig.CloudWatchLogsInputConfigPropertyThe CloudWatch configuration for writing evaluation results.A builder forCfnOnlineEvaluationConfig.CloudWatchOutputConfigPropertyAn implementation forCfnOnlineEvaluationConfig.CloudWatchOutputConfigPropertyThe configuration that specifies where to read agent traces for online evaluation.A builder forCfnOnlineEvaluationConfig.DataSourceConfigPropertyAn implementation forCfnOnlineEvaluationConfig.DataSourceConfigPropertyThe reference to an evaluator used in online evaluation configurations.A builder forCfnOnlineEvaluationConfig.EvaluatorReferencePropertyAn implementation forCfnOnlineEvaluationConfig.EvaluatorReferencePropertyThe filter that applies conditions to agent traces during online evaluation.A builder forCfnOnlineEvaluationConfig.FilterPropertyAn implementation forCfnOnlineEvaluationConfig.FilterPropertyThe value used in filter comparisons.A builder forCfnOnlineEvaluationConfig.FilterValuePropertyAn implementation forCfnOnlineEvaluationConfig.FilterValuePropertyThe configuration that specifies where evaluation results should be written.A builder forCfnOnlineEvaluationConfig.OutputConfigPropertyAn implementation forCfnOnlineEvaluationConfig.OutputConfigPropertyThe evaluation rule that defines sampling configuration, filtering criteria, and session detection settings.A builder forCfnOnlineEvaluationConfig.RulePropertyAn implementation forCfnOnlineEvaluationConfig.RulePropertyThe configuration that controls what percentage of agent traces are sampled for evaluation.A builder forCfnOnlineEvaluationConfig.SamplingConfigPropertyAn implementation forCfnOnlineEvaluationConfig.SamplingConfigPropertyThe configuration that defines how agent sessions are detected.A builder forCfnOnlineEvaluationConfig.SessionConfigPropertyAn implementation forCfnOnlineEvaluationConfig.SessionConfigPropertyProperties for defining aCfnOnlineEvaluationConfig.A builder forCfnOnlineEvaluationConfigPropsAn implementation forCfnOnlineEvaluationConfigPropsResource Type definition for AWS::BedrockAgentCore::Policy.A fluent builder forCfnPolicy.A Cedar policy statement within the AgentCore Policy system.A builder forCfnPolicy.CedarPolicyPropertyAn implementation forCfnPolicy.CedarPolicyPropertyThe definition structure for policies.A builder forCfnPolicy.PolicyDefinitionPropertyAn implementation forCfnPolicy.PolicyDefinitionPropertyResource Type definition for AWS::BedrockAgentCore::PolicyEngine.A fluent builder forCfnPolicyEngine.Properties for defining aCfnPolicyEngine.A builder forCfnPolicyEnginePropsAn implementation forCfnPolicyEnginePropsProperties for defining aCfnPolicy.A builder forCfnPolicyPropsAn implementation forCfnPolicyPropsContains information about an agent runtime.The artifact of the agent.A builder forCfnRuntime.AgentRuntimeArtifactPropertyAn implementation forCfnRuntime.AgentRuntimeArtifactPropertyThe authorizer configuration.A builder forCfnRuntime.AuthorizerConfigurationPropertyAn implementation forCfnRuntime.AuthorizerConfigurationPropertyThe value or values in the custom claim to match and relationship of match.A builder forCfnRuntime.AuthorizingClaimMatchValueTypePropertyAn implementation forCfnRuntime.AuthorizingClaimMatchValueTypePropertyA fluent builder forCfnRuntime.The value or values in the custom claim to match for.A builder forCfnRuntime.ClaimMatchValueTypePropertyAn implementation forCfnRuntime.ClaimMatchValueTypePropertyRepresentation of a code configuration.A builder forCfnRuntime.CodeConfigurationPropertyAn implementation forCfnRuntime.CodeConfigurationPropertyObject represents source code from zip file.A builder forCfnRuntime.CodePropertyAn implementation forCfnRuntime.CodePropertyThe container configuration.A builder forCfnRuntime.ContainerConfigurationPropertyAn implementation forCfnRuntime.ContainerConfigurationPropertyRequired custom claim.A builder forCfnRuntime.CustomClaimValidationTypePropertyAn implementation forCfnRuntime.CustomClaimValidationTypePropertyConfiguration for custom JWT authorizer.A builder forCfnRuntime.CustomJWTAuthorizerConfigurationPropertyAn implementation forCfnRuntime.CustomJWTAuthorizerConfigurationPropertyFilesystem configuration for the runtime.A builder forCfnRuntime.FilesystemConfigurationPropertyAn implementation forCfnRuntime.FilesystemConfigurationPropertyConfiguration for managing the lifecycle of runtime sessions and resources.A builder forCfnRuntime.LifecycleConfigurationPropertyAn implementation forCfnRuntime.LifecycleConfigurationPropertyThe network configuration for the agent.A builder forCfnRuntime.NetworkConfigurationPropertyAn implementation forCfnRuntime.NetworkConfigurationPropertyConfiguration for HTTP request headers.A builder forCfnRuntime.RequestHeaderConfigurationPropertyAn implementation forCfnRuntime.RequestHeaderConfigurationPropertyS3 Location Configuration.A builder forCfnRuntime.S3LocationPropertyAn implementation forCfnRuntime.S3LocationPropertyConfiguration for session storage.A builder forCfnRuntime.SessionStorageConfigurationPropertyAn implementation forCfnRuntime.SessionStorageConfigurationPropertyNetwork mode configuration for VPC.A builder forCfnRuntime.VpcConfigPropertyAn implementation forCfnRuntime.VpcConfigPropertyThe workload identity details for the agent.A builder forCfnRuntime.WorkloadIdentityDetailsPropertyAn implementation forCfnRuntime.WorkloadIdentityDetailsPropertyAgentCore Runtime is a secure, serverless runtime purpose-built for deploying and scaling dynamic AI agents and tools using any open-source framework including LangGraph, CrewAI, and Strands Agents, any protocol, and any model.A fluent builder forCfnRuntimeEndpoint.Properties for defining aCfnRuntimeEndpoint.A builder forCfnRuntimeEndpointPropsAn implementation forCfnRuntimeEndpointPropsProperties for defining aCfnRuntime.A builder forCfnRuntimePropsAn implementation forCfnRuntimePropsCreates a workload identity for Amazon Bedrock AgentCore.A fluent builder forCfnWorkloadIdentity.Properties for defining aCfnWorkloadIdentity.A builder forCfnWorkloadIdentityPropsAn implementation forCfnWorkloadIdentityPropsConfiguration for CloudWatch Logs data source.A builder forCloudWatchLogsDataSourceConfigAn implementation forCloudWatchLogsDataSourceConfigOptions for configuring an S3 code asset from local files for agent runtime artifact.A builder forCodeAssetOptionsAn implementation forCodeAssetOptionsOptions for configuring a code-based custom evaluator using a Lambda function.A builder forCodeBasedOptionsAn implementation forCodeBasedOptionsCustom code interpreter resource for AWS Bedrock Agent Core.A fluent builder forCodeInterpreterCustom.Attributes for specifying an imported Code Interpreter Custom.A builder forCodeInterpreterCustomAttributesAn implementation forCodeInterpreterCustomAttributesAbstract base class for a Code Interpreter.Properties for creating a CodeInterpreter resource.A builder forCodeInterpreterCustomPropsAn implementation forCodeInterpreterCustomPropsNetwork configuration for the Code Interpreter tool.**************************************************************************** Factory ***************************************************************************.A builder forCognitoAuthorizerPropsAn implementation forCognitoAuthorizerPropsCredential provider types supported by gateway target.Custom claim match operator.Custom JWT authorizer configuration implementation.A fluent builder forCustomJwtAuthorizer.Custom JWT authorizer configuration.A builder forCustomJwtConfigurationAn implementation forCustomJwtConfigurationProps for.invalid reference
OAuth2CredentialProvider.usingCustomA builder forCustomOAuth2CredentialProviderPropsAn implementation forCustomOAuth2CredentialProviderPropsConfiguration for the data source used in online evaluation.The result of binding a DataSourceConfig.A builder forDataSourceConfigBindResultAn implementation forDataSourceConfigBindResultProps for.invalid reference
OAuth2CredentialProvider.usingDropboxA builder forDropboxOAuth2CredentialProviderPropsAn implementation forDropboxOAuth2CredentialProviderPropsConfiguration for episodic memory reflection.A builder forEpisodicReflectionConfigurationAn implementation forEpisodicReflectionConfigurationThe level at which a custom evaluator assesses agent performance.A custom evaluator for Amazon Bedrock AgentCore.A fluent builder forEvaluator.Attributes for importing an existing Evaluator.A builder forEvaluatorAttributesAn implementation forEvaluatorAttributesAbstract base class for Evaluator.Configuration for a custom evaluator.Inference configuration for a custom LLM-as-a-Judge evaluator.A builder forEvaluatorInferenceConfigAn implementation forEvaluatorInferenceConfigProperties for creating an Evaluator.A builder forEvaluatorPropsAn implementation forEvaluatorPropsRepresents a rating scale for custom LLM-as-a-Judge evaluators.Represents a reference to an evaluator for online evaluation.The result of binding an EvaluatorSelector.A builder forEvaluatorSelectorBindResultAn implementation forEvaluatorSelectorBindResultThe execution status of an online evaluation configuration.Props for.invalid reference
OAuth2CredentialProvider.usingFacebookA builder forFacebookOAuth2CredentialProviderPropsAn implementation forFacebookOAuth2CredentialProviderPropsFilter configuration for online evaluation.A builder forFilterConfigAn implementation forFilterConfigFilter operators for online evaluation filtering.A typed filter value for online evaluation filtering.Optional gateway settings when binding anIApiKeyCredentialProviderto a target.A builder forFromApiKeyIdentityOptionsAn implementation forFromApiKeyIdentityOptionsOAuth scopes (and optional custom parameters) when binding anIOAuth2CredentialProviderto a gateway target.A builder forFromOauthIdentityOptionsAn implementation forFromOauthIdentityOptionsGateway resource for AWS Bedrock Agent Core.A fluent builder forGateway.Provider and secret ARNs for wiring a Token Vault API key identity into a gateway target.A builder forGatewayApiKeyIdentityBindingAn implementation forGatewayApiKeyIdentityBindingAttributes for importing an existing Gateway.A builder forGatewayAttributesAn implementation forGatewayAttributesFactory class for creating Gateway Authorizers.Gateway authorizer type.**************************************************************************** Base Class ***************************************************************************.Factory class for creating different Gateway Credential Providers.Represents a custom claim validation configuration for Gateway JWT authorizers.Exception levels for gateway.Provider ARN, secret ARN, and OAuth scopes for wiring a Token Vault OAuth2 identity into a gateway target.A builder forGatewayOAuth2IdentityBindingAn implementation forGatewayOAuth2IdentityBindingProperties for defining a Gateway.A builder forGatewayPropsAn implementation forGatewayPropsFactory class for instantiating Gateway Protocols.Defines tools that your gateway will host.A fluent builder forGatewayTarget.Properties for creating an API Gateway-based Gateway Target.A builder forGatewayTargetApiGatewayPropsAn implementation forGatewayTargetApiGatewayPropsAttributes for importing an existing Gateway Target.A builder forGatewayTargetAttributesAn implementation forGatewayTargetAttributesBase class for gateway target implementations.Common properties for all Gateway Target types.A builder forGatewayTargetCommonPropsAn implementation forGatewayTargetCommonPropsProperties for creating a Lambda-based Gateway Target Convenience interface for the most common use case.A builder forGatewayTargetLambdaPropsAn implementation forGatewayTargetLambdaPropsProperties for creating an MCP Server-based Gateway Target.A builder forGatewayTargetMcpServerPropsAn implementation forGatewayTargetMcpServerPropsProperties for creating an OpenAPI-based Gateway Target.A builder forGatewayTargetOpenApiPropsAn implementation forGatewayTargetOpenApiPropsProperties for creating a Gateway Target resource.A builder forGatewayTargetPropsAn implementation forGatewayTargetPropsProtocol types supported by gateway targets.Properties for creating a Smithy-based Gateway Target.A builder forGatewayTargetSmithyPropsAn implementation forGatewayTargetSmithyPropsProps for.invalid reference
OAuth2CredentialProvider.usingGithubA builder forGithubOAuth2CredentialProviderPropsAn implementation forGithubOAuth2CredentialProviderPropsProps for.invalid reference
OAuth2CredentialProvider.usingGoogleA builder forGoogleOAuth2CredentialProviderPropsAn implementation forGoogleOAuth2CredentialProviderPropsProps for.invalid reference
OAuth2CredentialProvider.usingHubspotA builder forHubspotOAuth2CredentialProviderPropsAn implementation forHubspotOAuth2CredentialProviderPropsAWS IAM authorizer configuration implementation.An API key credential provider registered in AgentCore Token Vault.Internal default implementation forIApiKeyCredentialProvider.A proxy class which represents a concrete javascript instance of this type.Interface for Agent Runtime resources.Internal default implementation forIBedrockAgentRuntime.A proxy class which represents a concrete javascript instance of this type.Interface for Browser resources.Internal default implementation forIBrowserCustom.A proxy class which represents a concrete javascript instance of this type.Interface for CodeInterpreterCustom resources.Internal default implementation forICodeInterpreterCustom.A proxy class which represents a concrete javascript instance of this type.Abstract interface for gateway credential provider configuration.Internal default implementation forICredentialProviderConfig.A proxy class which represents a concrete javascript instance of this type.Interface for Evaluator resources.Internal default implementation forIEvaluator.A proxy class which represents a concrete javascript instance of this type.Interface for Gateway resources.Internal default implementation forIGateway.A proxy class which represents a concrete javascript instance of this type.Abstract interface for gateway authorizer configuration.Internal default implementation forIGatewayAuthorizerConfig.A proxy class which represents a concrete javascript instance of this type.Abstract interface for gateway protocol configuration.Internal default implementation forIGatewayProtocolConfig.A proxy class which represents a concrete javascript instance of this type.Interface for GatewayTarget resources.Internal default implementation forIGatewayTarget.A proxy class which represents a concrete javascript instance of this type.Represents an interceptor that can be bound to a Gateway.Internal default implementation forIInterceptor.A proxy class which represents a concrete javascript instance of this type.Interface for MCP gateway targets.Internal default implementation forIMcpGatewayTarget.A proxy class which represents a concrete javascript instance of this type.Interface for Memory resources.Internal default implementation forIMemory.A proxy class which represents a concrete javascript instance of this type.Interface for Memory strategies.Internal default implementation forIMemoryStrategy.A proxy class which represents a concrete javascript instance of this type.Props forIncludedOauth2ProviderConfigIdPs whose outbound documentation requiresissuer,authorizationEndpoint, and/ortokenEndpoint(for example Okta, Auth0, Amazon Cognito, OneLogin, PingOne, CyberArk, FusionAuth).A builder forIncludedOauth2TenantCredentialProviderPropsAn implementation forIncludedOauth2TenantCredentialProviderPropsOptional tenant OAuth endpoints for IdPs that use CloudFormationIncludedOauth2ProviderConfigwith issuer and/or endpoints per the IdP’s outbound documentation.A builder forIncludedOauth2TenantEndpointsAn implementation forIncludedOauth2TenantEndpointsClass to define an API Schema from an inline string.Class to define a Tool Schema from an inline string.The interception point where the interceptor will be invoked.Configuration returned from binding an interceptor to a Gateway.A builder forInterceptorBindConfigAn implementation forInterceptorBindConfigOptions for configuring an interceptor.A builder forInterceptorOptionsAn implementation forInterceptorOptionsInvocation configuration for self managed memory strategy.A builder forInvocationConfigurationAn implementation forInvocationConfigurationAn OAuth2 credential provider registered in AgentCore Token Vault.Internal default implementation forIOAuth2CredentialProvider.A proxy class which represents a concrete javascript instance of this type.Interface for OnlineEvaluationConfig resources.Internal default implementation forIOnlineEvaluationConfig.A proxy class which represents a concrete javascript instance of this type.Interface for Runtime Endpoint resources.Internal default implementation forIRuntimeEndpoint.A proxy class which represents a concrete javascript instance of this type.Base interface for target configurations.Internal default implementation forITargetConfiguration.A proxy class which represents a concrete javascript instance of this type.A workload identity for Amazon Bedrock AgentCore.Internal default implementation forIWorkloadIdentity.A proxy class which represents a concrete javascript instance of this type.A Lambda-based interceptor for Gateway.Configuration for Lambda-based MCP targets.LifecycleConfiguration lets you manage the lifecycle of runtime sessions and resources in AgentCore Runtime.A builder forLifecycleConfigurationAn implementation forLifecycleConfigurationProps for.invalid reference
OAuth2CredentialProvider.usingLinkedinA builder forLinkedinOAuth2CredentialProviderPropsAn implementation forLinkedinOAuth2CredentialProviderPropsOptions for configuring an LLM-as-a-Judge custom evaluator.A builder forLlmAsAJudgeOptionsAn implementation forLlmAsAJudgeOptionsConfiguration for logging with log type and destination.A builder forLoggingConfigAn implementation forLoggingConfigRepresents a logging destination for AgentCore Runtime.Log types for AgentCore Runtime observability.Managed memory strategy that handles both built-in and override configurations.A fluent builder forManagedMemoryStrategy.Configuration parameters for a memory strategy that can override existing built-in default prompts/models.A builder forManagedStrategyPropsAn implementation forManagedStrategyPropsMCP protocol configuration The configuration for the Model Context Protocol (MCP).A builder forMcpConfigurationAn implementation forMcpConfigurationSearch types supported by MCP gateway.MCP (Model Context Protocol) configuration implementation.A fluent builder forMcpProtocolConfiguration.MCP protocol versions.Configuration for MCP Server-based targets.Abstract base class for MCP target configurations Provides common functionality for all MCP target types.MCP target types.Long-term memory store for extracted insights like user preferences, semantic facts and summaries.A fluent builder forMemory.Attributes for specifying an imported Memory.A builder forMemoryAttributesAn implementation forMemoryAttributesAbstract base class for a Memory.Properties for creating a Memory resource.A builder forMemoryPropsAn implementation forMemoryPropsFactory class for creating memory strategies If you need long-term memory for context recall across sessions, you can setup memory extraction strategies to extract the relevant memory from the raw events.Configuration parameters common for any memory strategy.A builder forMemoryStrategyCommonPropsAn implementation forMemoryStrategyCommonPropsLong-term memory extraction strategy types.Configuration for passing metadata (headers and query parameters) to the API Gateway target.A builder forMetadataConfigurationAn implementation forMetadataConfigurationProps for.invalid reference
OAuth2CredentialProvider.usingMicrosoftA builder forMicrosoftOAuth2CredentialProviderPropsAn implementation forMicrosoftOAuth2CredentialProviderPropsAbstract base class for network configuration.No authorization configuration implementation.Props for.invalid reference
OAuth2CredentialProvider.usingNotionA builder forNotionOAuth2CredentialProviderPropsAn implementation forNotionOAuth2CredentialProviderPropsA numerical rating scale option for custom evaluators.A builder forNumericalRatingOptionAn implementation forNumericalRatingOptionStatic OAuth2 authorization server metadata for custom credential providers.A builder forOAuth2AuthorizationServerMetadataAn implementation forOAuth2AuthorizationServerMetadataOAuth2 client identifier and secret registered with the identity provider (all vendors).A builder forOAuth2ClientCredentialsAn implementation forOAuth2ClientCredentialsL2 construct forAWS::BedrockAgentCore::OAuth2CredentialProvider.A fluent builder forOAuth2CredentialProvider.Attributes for importing an existing OAuth2 credential provider.A builder forOAuth2CredentialProviderAttributesAn implementation forOAuth2CredentialProviderAttributesShared properties for OAuth2 credential providers created viaOAuth2CredentialProviderfactory methods.A builder forOAuth2CredentialProviderBasePropsAn implementation forOAuth2CredentialProviderBasePropsNaming, tags, and client credentials shared by everyOAuth2CredentialProviderfactory.A builder forOAuth2CredentialProviderFactoryBasePropsAn implementation forOAuth2CredentialProviderFactoryBasePropsIAM actions for AgentCore OAuth2 credential providers (Token Vault).Low-level properties when you need full control (preferand other factories).invalid reference
OAuth2CredentialProvider.usingSlackA builder forOAuth2CredentialProviderPropsAn implementation forOAuth2CredentialProviderPropsBuilt-in OAuth2 vendors supported byAWS::BedrockAgentCore::OAuth2CredentialProvider.OAuth configuration.A builder forOAuthConfigurationAn implementation forOAuthConfigurationAbstract base class for OnlineEvaluationConfig.Base properties for creating an OnlineEvaluationConfig.A builder forOnlineEvaluationBasePropsAn implementation forOnlineEvaluationBasePropsOnline evaluation configuration for Amazon Bedrock AgentCore.A fluent builder forOnlineEvaluationConfig.Attributes for importing an existing OnlineEvaluationConfig.A builder forOnlineEvaluationConfigAttributesAn implementation forOnlineEvaluationConfigAttributesProperties for creating an OnlineEvaluationConfig.A builder forOnlineEvaluationConfigPropsAn implementation forOnlineEvaluationConfigPropsConfiguration for OpenAPI-based MCP targets.Configuration for overriding model and prompt template.A builder forOverrideConfigAn implementation forOverrideConfigProtocol configuration for Agent Runtime.Recording configuration for browser.A builder forRecordingConfigAn implementation forRecordingConfigProps for.invalid reference
OAuth2CredentialProvider.usingRedditA builder forRedditOAuth2CredentialProviderPropsAn implementation forRedditOAuth2CredentialProviderPropsConfiguration for HTTP request headers that will be passed through to the runtime.A builder forRequestHeaderConfigurationAn implementation forRequestHeaderConfigurationBedrock Agent Core Runtime Enables running containerized agents with specific network configurations, security settings, and runtime artifacts.A fluent builder forRuntime.Abstract base class for runtime authorizer configurations.Base class for Agent Runtime.Represents a custom claim validation configuration for Runtime JWT authorizers.Bedrock Agent Core Runtime Endpoint Provides a stable endpoint for invoking agent runtimes with versioning support.A fluent builder forRuntimeEndpoint.Attributes for importing an existing Runtime Endpoint.A builder forRuntimeEndpointAttributesAn implementation forRuntimeEndpointAttributesBase class for Runtime Endpoint.Properties for creating a Bedrock Agent Core Runtime Endpoint resource.A builder forRuntimeEndpointPropsAn implementation forRuntimeEndpointPropsNetwork configuration for the Runtime.Properties for creating a Bedrock Agent Core Runtime resource.A builder forRuntimePropsAn implementation forRuntimePropsClass to define an API Schema from an S3 object.A fluent builder forS3ApiSchema.Class to define a Tool Schema from an S3 object.A fluent builder forS3ToolSchema.Props for.invalid reference
OAuth2CredentialProvider.usingSalesforceA builder forSalesforceOAuth2CredentialProviderPropsAn implementation forSalesforceOAuth2CredentialProviderPropsSchema definition for tool input/output.A builder forSchemaDefinitionAn implementation forSchemaDefinitionSchema definition types.Use AgentCore memory for event storage with custom triggers.A fluent builder forSelfManagedMemoryStrategy.Configuration parameters for a self managed memory strategy existing built-in default prompts/models.A builder forSelfManagedStrategyPropsAn implementation forSelfManagedStrategyPropsProps for.invalid reference
OAuth2CredentialProvider.usingSlackA builder forSlackOAuth2CredentialProviderPropsAn implementation forSlackOAuth2CredentialProviderPropsConfiguration for Smithy-based MCP targets.Props for.invalid reference
OAuth2CredentialProvider.usingSpotifyA builder forSpotifyOAuth2CredentialProviderPropsAn implementation forSpotifyOAuth2CredentialProviderPropsConfiguration returned by binding a target configuration.A builder forTargetConfigurationConfigAn implementation forTargetConfigurationConfigTool definition for inline payload.A builder forToolDefinitionAn implementation forToolDefinition**************************************************************************** TOOL SCHEMA CLASS ***************************************************************************.Trigger conditions for self managed memory strategy When first condition is met, batched payloads are sent to specified S3 bucket.A builder forTriggerConditionsAn implementation forTriggerConditionsProps for.invalid reference
OAuth2CredentialProvider.usingTwitchA builder forTwitchOAuth2CredentialProviderPropsAn implementation forTwitchOAuth2CredentialProviderPropsVPC configuration properties.A builder forVpcConfigPropsAn implementation forVpcConfigPropsL2 construct forAWS::BedrockAgentCore::WorkloadIdentity.A fluent builder forWorkloadIdentity.Attributes for importing an existing workload identity.A builder forWorkloadIdentityAttributesAn implementation forWorkloadIdentityAttributesIAM actions for AgentCore workload identities.Properties for a newWorkloadIdentity.A builder forWorkloadIdentityPropsAn implementation forWorkloadIdentityPropsProps for.invalid reference
OAuth2CredentialProvider.usingXA builder forXOAuth2CredentialProviderPropsAn implementation forXOAuth2CredentialProviderPropsProps for.invalid reference
OAuth2CredentialProvider.usingYandexA builder forYandexOAuth2CredentialProviderPropsAn implementation forYandexOAuth2CredentialProviderPropsProps for.invalid reference
OAuth2CredentialProvider.usingZoomA builder forZoomOAuth2CredentialProviderPropsAn implementation forZoomOAuth2CredentialProviderProps